Description

WordPress Plugin WordPress Download Manager is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. WordPress Plugin WordPress Download Manager version 2.8.97 is vulnerable; prior versions may also be affected.

Remediation

Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available

References

https://www.pluginvulnerabilities.com/2016/06/27/authenticated-arbitrary-file-upload-vulnerability-in-wordpress-download-manager/

Related Vulnerabilities

Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9)

WordPress Plugin Flog Server-Side Request Forgery (1.0beta3)

WordPress Plugin Awesome Support-WordPress HelpDesk & Support Multiple Vulnerabilities (4.3.1)

WordPress Plugin Automattic Stats Referer Field HTML Injection (1.0)

WordPress Plugin Feed Them Social-Facebook, Instagram, Twitter, YouTube & Pinterest Unspecified Vulnerability (1.9.3)

Severity

High

Classification

CWE-434

Tags

Missing Update Unauthenticated File Upload