WordPress Uploadify Plugin Arbitrary File Upload Vulnerability
Vulnerability
The Uploadify plugin for WordPress, in versions up to and including 1.0, does not adequately validate the type of files submitted to 'process_upload.php'. Because the handler also does not require the requester to be logged in, an unauthenticated remote attacker can upload arbitrary files to the affected site. The uploaded files are written to a location reachable over the web, so uploading a PHP file could lead to remote code execution in the context of the web server.
Impact
Exploitation lets an attacker with no credentials place arbitrary files on the server, including PHP scripts that the web server will execute when requested. This gives code execution as the web server user, which can be used for unauthorized access to the WordPress installation and as a foothold for privilege escalation on the host.
Reproduction
The vulnerability can be reproduced by submitting a file to the plugin's upload handler, 'process_upload.php'. The handler accepts the upload without authentication and without validating the file type, and stores the file on the server. A PHP shell uploaded this way can then be requested over HTTP, at which point the web server executes it and the attacker can run commands on the host.
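The sequence above, a POST to the upload handler followed by a request for a script under the uploads tree, is what a defender should look for in web server access logs. The following detection logic is an added example and is not part of the advisory or of the Uploadify plugin; it assumes the handler is served at /wp-content/plugins/uploadify/process_upload.php and that uploads land under /wp-content/uploads/ (both assumed paths), and it runs over constructed sample log lines in combined log format.

```python
import re

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "POST /wp-content/plugins/uploadify/process_upload.php HTTP/1.1" 200 58 "-" "curl/8.1.2"
203.0.113.7 - - [10/Oct/2023:13:55:41 +0000] "GET /wp-content/uploads/2023/10/shell.php?cmd=id HTTP/1.1" 200 312 "-" "curl/8.1.2"
198.51.100.2 - - [10/Oct/2023:14:01:02 +0000] "GET /wp-content/uploads/2023/10/photo.jpg HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2023:14:03:10 +0000] "POST /wp-content/plugins/uploadify/process_upload.php HTTP/1.1" 200 58 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2023:14:03:12 +0000] "GET /wp-content/uploads/2023/10/report.pdf HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
192.0.2.44 - - [10/Oct/2023:14:10:00 +0000] "GET /wp-content/uploads/old/backdoor.phtml HTTP/1.1" 200 77 "-" "python-requests/2.31"
"""

# Assumed endpoint and upload locations; adjust to the installation.
UPLOAD_ENDPOINT = "/wp-content/plugins/uploadify/process_upload.php"
UPLOADS_PREFIX = "/wp-content/uploads/"
SCRIPT_EXTS = (".php", ".phtml", ".php3", ".php4", ".php5", ".php7", ".phar")

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = rec["target"].split("?", 1)[0]  # drop the query string
    rec["status"] = int(rec["status"])
    return rec


def is_script_in_uploads(path):
    """True if the request path names a server-side script under the uploads tree."""
    p = path.lower()
    return p.startswith(UPLOADS_PREFIX) and p.endswith(SCRIPT_EXTS)


def detect(log_text):
    """Return a finding for every 200 response to a script under uploads.

    A finding is 'correlated' when the same client IP earlier POSTed to the
    upload endpoint, i.e. the full upload-then-execute sequence was observed.
    Uncorrelated hits still matter: WordPress never serves PHP from uploads
    legitimately, so any such 200 is worth a look.
    """
    posted = set()
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["method"] == "POST" and rec["path"] == UPLOAD_ENDPOINT:
            posted.add(rec["ip"])
        elif rec["method"] == "GET" and rec["status"] == 200 and is_script_in_uploads(rec["path"]):
            findings.append({"ip": rec["ip"], "ts": rec["ts"], "path": rec["path"],
                             "correlated": rec["ip"] in posted})
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_LOG):
        tag = "UPLOAD+EXEC" if f["correlated"] else "EXEC-ONLY"
        print(f"{tag:12} {f['ip']:15} {f['ts']}  {f['path']}")
```

Filtering on status 200 keeps the example short; in a real hunt include 500 responses as well, since a shell that crashes on first request still ran, and also include the POSTs that never got a matching GET, because the attacker may request the dropped file from a different address.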
Remediation
No fixed version is known. Deactivate and uninstall the Uploadify plugin and replace it with a maintained alternative. Removing the plugin closes the upload path but does not remove anything already uploaded through it, so the directory the plugin wrote to should be reviewed for server-side scripts. Until the plugin is gone, configuring the web server not to execute PHP in that directory limits the impact of a successful upload.
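The review of already-uploaded files mentioned above can be scripted. The following hunt is an added example, not code from the advisory or the plugin; it walks an uploads directory for files carrying a script extension anywhere in the name (so 'avatar.php.jpg' is caught as well as 'shell.php') and reports common PHP execution primitives found in each. The sample tree it runs over is constructed in a temporary directory and is not taken from a real site.

```python
import os
import re
import tempfile

SCRIPT_EXTS = {".php", ".phtml", ".php3", ".php4", ".php5", ".php7", ".phar", ".phps"}
# Generic PHP primitives a dropped web shell usually relies on; a match is a
# lead for manual review, not proof of compromise.
SUSPICIOUS = re.compile(
    rb"\b(eval|system|exec|shell_exec|passthru|popen|proc_open|base64_decode)\s*\(", re.I
)


def script_extensions(name):
    """Every extension in the file name that a server might execute, so that
    double extensions such as 'avatar.php.jpg' are caught, not only the last one."""
    parts = name.lower().split(".")[1:]
    return ["." + p for p in parts if "." + p in SCRIPT_EXTS]


def hunt(uploads_dir):
    """Walk the uploads tree and report files carrying a script extension,
    together with the suspicious calls found in their first 64 KiB."""
    findings = []
    for root, _dirs, files in os.walk(uploads_dir):
        for name in files:
            exts = script_extensions(name)
            if not exts:
                continue
            full = os.path.join(root, name)
            with open(full, "rb") as fh:
                head = fh.read(64 * 1024)
            final_ext = "." + name.lower().rsplit(".", 1)[-1]
            findings.append({
                "path": os.path.relpath(full, uploads_dir).replace(os.sep, "/"),
                "script_exts": exts,
                # script extension buried behind a harmless-looking final one
                "hidden_ext": final_ext not in SCRIPT_EXTS,
                "calls": sorted({m.decode("ascii").lower() for m in SUSPICIOUS.findall(head)}),
            })
    return sorted(findings, key=lambda f: f["path"])


def build_sample_tree():
    """Constructed throwaway uploads tree (sample data, not from a real site)."""
    base = tempfile.mkdtemp(prefix="uploads-")
    sub = os.path.join(base, "2023", "10")
    os.makedirs(sub)
    samples = {
        "photo.jpg": b"\xff\xd8\xff\xe0 not a real jpeg",
        "shell.php": b"<?php @eval($_POST['c']); system($_GET['cmd']); ?>",
        "avatar.php.jpg": b"<?php passthru($_REQUEST['x']); ?>",
    }
    for name, body in samples.items():
        with open(os.path.join(sub, name), "wb") as fh:
            fh.write(body)
    return base


if __name__ == "__main__":
    for finding in hunt(build_sample_tree()):
        print(finding)
```

Run it against the real uploads directory rather than the sample tree, and treat every hit as something to inspect by hand: legitimate plugins occasionally ship PHP under uploads, and a shell can avoid the listed primitives entirely, so an empty result is not a clean bill of health.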
