Description

WordPress Plugin Enable Media Replace is prone to an SQL injection vulnerability and an arbitrary file upload vulnerability because it fails to sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Enable Media Replace version 2.3 is vulnerable; other versions may also be affected.

Remediation

Update to plugin version 2.4 or latest

References

http://www.securityfocus.com/bid/46286/exploit

http://www.exploit-db.com/exploits/16144/

http://secunia.com/advisories/43256

https://wordpress.org/plugins/enable-media-replace/changelog/

Related Vulnerabilities

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17897)

PHP Resource Management Errors Vulnerability (CVE-2010-3710)

Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.17)

WordPress Plugin Cherry Multiple Vulnerabilities (1.2.6)

WordPress Plugin Quick Cache (Speed Without Compromise) Unspecified Vulnerability (140725)

Severity

High

Classification

CWE-89 CWE-434 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update SQL Injection Unauthenticated File Upload