WordPress Plugin Vulnerabilities

Insert or Embed Articulate Content into WordPress < 4.3000000025 - Author+ Upload to RCE

Description

The plugin is not properly filtering which file extensions are allowed to be imported on the server, allowing the uploading of malicious code within zip files

Proof of Concept

Affects Plugins

Plugin icon
insert-or-embed-articulate-content-into-wordpress
Fixed in 4.30000000254.3000000025

References

CVE
CVE-2024-0757
URL
https://research.cleantalk.org/cve-2024-0757/
YouTube Video

Classification

Type
RCE
OWASP top 10
A1: Injection
CWE
CWE-94
CVSS
9.1 (critical)

Miscellaneous

Original Researcher
Dmitrii Ignatyev
Submitter
Dmitrii Ignatyev
Submitter website
https://research.cleantalk.org
Verified
Yes
WPVDB ID
eccd017c-e442-46b6-b5e6-aec7bbd5f836

Timeline

Publicly Published
2024-05-14 (about 1 year ago)
Added
2024-05-14 (about 1 year ago)
Last Updated
2025-04-29 (about 8 months ago)

Other

Published
Title
Published
2024-08-22
Title
File Manager Pro < 8.3.8 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2024-08-12
Title
JS Help Desk – The Ultimate Help Desk & Support Plugin < 2.8.7 - Unauthenticated PHP Code Injection to Remote Code Execution
Published
2025-02-21
Title
Show Me The Cookies <= 1.0 - Unauthenticated Arbitrary Shortcode Execution
Published
2024-03-25
Title
Check & Log Email < 1.0.10 - Unauthenticated Hook Injection
Published
2024-11-25
Title
InPost Gallery < 2.1.4.3 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via inpost_gallery_get_shortcode_template