WordPress Plugin Vulnerabilities

Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access

Description

The plugin does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server.

Proof of Concept

On a multisite installation, log in as a site admin. Notice that you are able to manage files on the server using this plugin.

Affects Plugins

Plugin icon
file-manager-advanced
Fixed in 5.1.1

References

CVE
CVE-2023-3814

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
6.6 (medium)

Miscellaneous

Original Researcher
Dmitrii
Submitter
Dmitrii
Submitter website
https://blog.cleantalk.org
Verified
Yes
WPVDB ID
ca954ec6-6ebd-4d72-a323-570474e2e339

Timeline

Publicly Published
2023-08-14 (about 3 months ago)
Added
2023-08-14 (about 3 months ago)
Last Updated
2023-08-14 (about 3 months ago)

Other

Published
Title
Published
2022-01-03
Title
TrustMate.io integration for WooCommerce < 1.7.1 - Subscriber+ Arbitrary Blog Option Update
Published
2021-03-17
Title
WP Page Builder < 1.2.4 - Insecure default configuration Allows Subscribers Editing Access to Posts
Published
2021-11-01
Title
Contest Gallery < 13.1.0.7 - Subscriber+ Email Address Disclosure
Published
2021-07-12
Title
Advanced Menu Manager < 3.0.7 - Unauthorised Menu Creation/Deletion
Published
2022-06-27
Title
miniOrange's Google Authenticator < 5.5.75 - Reflected Cross-Site Scripting