Wordpress Omni Secure Files Plugin 'upload.php' Arbitrary File Upload Vulnerability Network Vulnerability

Summary

This host is running WordPress Omni Secure Files Plugin and is prone to file upload vulnerability.

Impact

Successful exploitation will allow attacker to upload arbitrary PHP code and run it in the context of the Web server process. Impact Level: System/Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

The flaw is due to the wp-content/plugins/omni-secure-files/plupload/ examples/upload.php script improperly verifying uploaded files. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script.

Affected

Wordpress Omni Secure Files Plugin version 0.1.13

References

http://osvdb.org/82790
http://packetstormsecurity.org/files/113411/wpomnisecure-shell.txt
http://secunia.com/advisories/49441
http://www.exploit-db.com/exploits/19009
http://xforce.iss.net/xforce/xfdb/76121

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

b2Evolution title SQL Injection
Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
Apache Tomcat Windows Installer Privilege Escalation Vulnerability
AdPeeps 'index.php' Multiple Vulnerabilities.
4Images <= 1.7.1 Directory Traversal Vulnerability

Take action and discover your vulnerabilities