WordPress Work The Flow File Upload Plugin Arbitrary File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

The WordPress Work The Flow File Upload plugin, in versions up to and including 2.5.2, allows arbitrary file uploads. The plugin bundles jQuery File Upload 9.5.0, and the bundled server-side upload handler and its test (demo) files perform no meaningful file type validation. An unauthenticated attacker can therefore upload files of any type, including PHP scripts, to the affected site's server, potentially leading to remote code execution.
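To make the validation gap concrete, the following added example (written for this page, not code from the plugin or from jQuery File Upload) mirrors the permissive behaviour beside a hardened check. jQuery File Upload's PHP handler defaults its accept_file_types option to a pattern matching any filename; the permissive pattern below reproduces that, while hardened_accept applies an extension allowlist, rejects executable extensions anywhere in the name, and checks the content's leading bytes. The magic-byte table and sample inputs are constructed for the example.

```python
import re
from typing import Tuple

# Equivalent of jQuery File Upload's default 'accept_file_types' => '/.+$/i':
# every non-empty filename matches, so nothing is rejected.
PERMISSIVE_PATTERN = re.compile(r".+$", re.IGNORECASE)

# Hardened replacement: allow only the extensions the feature needs.
IMAGE_ALLOWLIST = re.compile(r"\.(gif|jpe?g|png)$", re.IGNORECASE)

# Extensions that must not appear anywhere in the name, so that a name such as
# "shell.php.png" is rejected regardless of how the web server maps handlers.
EXECUTABLE_EXTENSIONS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar"}

# Leading bytes of the allowed image formats (constructed table for the example).
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "jpg": (b"\xff\xd8\xff",),
}


def accepted_by_default_handler(filename: str) -> bool:
    """Mirror of the vulnerable check: any non-empty filename passes."""
    return PERMISSIVE_PATTERN.search(filename) is not None


def hardened_accept(filename: str, content: bytes) -> Tuple[bool, str]:
    """Allowlist the extension, reject embedded executable extensions and
    require the content to match the claimed image type."""
    # Drop any path component the client may have sent.
    name = filename.rsplit("/", 1)[-1].rsplit("\\", 1)[-1]
    parts = name.lower().split(".")
    if len(parts) < 2 or not parts[0]:
        return False, "no extension"
    if any(p in EXECUTABLE_EXTENSIONS for p in parts[1:]):
        return False, "executable extension in name"
    if not IMAGE_ALLOWLIST.search(name):
        return False, "extension not allowlisted"
    ext = "jpg" if parts[-1] == "jpeg" else parts[-1]
    if not content.startswith(MAGIC[ext]):
        return False, "content does not match extension"
    return True, "ok"


if __name__ == "__main__":
    for fname, body in [("shell.php", b"<?php system($_GET['c']); ?>"),
                        ("shell.php.png", b"\x89PNG\r\n\x1a\n"),
                        ("photo.png", b"\x89PNG\r\n\x1a\n...")]:
        print(fname, accepted_by_default_handler(fname), hardened_accept(fname, body))
```

The extension allowlist alone is not enough: the content check is what stops a PHP payload renamed to photo.png, and the embedded-extension check is what stops multi-extension names from being mis-handled by server configurations that map .php anywhere in a filename.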

Impact

Because the upload handler does not restrict file types, an attacker can upload a PHP file to a web-accessible directory and then request it, executing code with the privileges of the web server user. This gives the attacker a persistent backdoor (web shell) on the site.

Reproduction

Send a PHP file to the upload endpoint exposed by the plugin's bundled jQuery File Upload server-side handler. Because the handler does not validate the file type, the file is stored unchanged in a web-accessible location, and requesting it afterwards causes the server to execute it as a script. No authentication is required.
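A practitioner usually wants to confirm exposure without placing a file on the target. The added example below (written for this page, not code from the plugin) reads the plugin's public readme.txt, which WordPress plugins ship with a "Stable tag" line, and compares the version numerically against the fixed release named in this advisory. The plugin slug in README_PATH and the sample readme text are assumptions constructed for the example; verify the slug against the installed plugin directory.

```python
import re
from typing import Optional, Tuple

FIXED_VERSION = (2, 5, 3)  # first fixed release per this advisory

# Assumed plugin slug; check it against the directory under wp-content/plugins/.
README_PATH = "/wp-content/plugins/work-the-flow-file-upload/readme.txt"

# Constructed sample of a WordPress plugin readme.txt header.
SAMPLE_README = """=== Work The Flow File Upload ===
Contributors: example
Tags: upload, workflow
Requires at least: 3.5
Tested up to: 4.2
Stable tag: 2.5.2
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.5.10' into (2, 5, 10); non-numeric tags yield an empty tuple."""
    return tuple(int(p) for p in re.findall(r"\d+", text))


def parse_stable_tag(readme: str) -> Optional[str]:
    m = re.search(r"^Stable tag:\s*([\w.]+)\s*$", readme, re.MULTILINE | re.IGNORECASE)
    return m.group(1) if m else None


def is_vulnerable(version: str) -> bool:
    """Compare numerically so that 2.5.10 is not misread as older than 2.5.3."""
    return parse_version(version) < FIXED_VERSION


def assess(readme: str) -> str:
    """Classify a readme body as vulnerable, patched or unknown."""
    tag = parse_stable_tag(readme)
    if tag is None or not parse_version(tag):
        return "unknown"  # no header, or a tag such as 'trunk'
    return "vulnerable" if is_vulnerable(tag) else "patched"


def fetch_readme(base_url: str, timeout: float = 10.0) -> str:
    """Fetch the readme from a live site (not exercised offline)."""
    from urllib.request import urlopen
    with urlopen(base_url.rstrip("/") + README_PATH, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")


if __name__ == "__main__":
    print(assess(SAMPLE_README))
```

A readme that is not served, or that carries a non-numeric tag such as trunk, is reported as unknown rather than patched, so a missing file never hides a vulnerable install.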

Remediation

Update the plugin to version 2.5.3 or later. Updating closes the upload path but does not remove files that were already uploaded; after updating, inspect the plugin's upload directory for PHP or other executable files and review web server logs for requests to them.
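The post-update sweep can be scripted. The added example below (written for this page, not part of the plugin) walks an upload directory and reports files whose name carries an executable extension anywhere, plus any .htaccess that could re-enable PHP handling for other extensions. The sample tree is constructed in a temporary directory for the example; point find_executable_uploads at the plugin's real upload directory on a site.

```python
import os
import tempfile
from pathlib import Path
from typing import List

EXECUTABLE_EXTENSIONS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps"}


def find_executable_uploads(upload_dir: str) -> List[str]:
    """Return paths (relative to upload_dir) that should not be in an upload
    tree: executable extensions anywhere in the name, or .htaccess overrides."""
    hits = []
    for root, _dirs, files in os.walk(upload_dir):
        for name in files:
            parts = name.lower().split(".")
            if name == ".htaccess" or any(p in EXECUTABLE_EXTENSIONS for p in parts[1:]):
                hits.append(os.path.relpath(os.path.join(root, name), upload_dir))
    return sorted(hits)


def build_sample_upload_dir() -> str:
    """Constructed sample tree standing in for a plugin upload directory."""
    base = tempfile.mkdtemp(prefix="wtf-uploads-")
    sample = {
        "photo.jpg": b"\xff\xd8\xff",
        "thumbnail/photo.jpg": b"\xff\xd8\xff",
        "shell.php": b"<?php echo 1; ?>",
        "img.php.png": b"\x89PNG",
        "sub/.htaccess": b"AddType application/x-httpd-php .png",
    }
    for rel, content in sample.items():
        p = Path(base, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(content)
    return base


if __name__ == "__main__":
    for hit in find_executable_uploads(build_sample_upload_dir()):
        print("review:", hit)
```

Anything the sweep reports should be preserved for forensic review before removal, and the surrounding web server logs checked for requests to those paths to establish whether the file was ever executed.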

Added: Jul 19, 2025, 1:14 PM
Updated: Jul 19, 2025, 1:14 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 8.7
remediation: 7.7
relevance: 0.3
threat: 8.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.