Unlimited Addons for WPBakery Page Builder Arbitrary File Upload Vulnerability

A vulnerability allowing arbitrary file uploads has been identified in the Unlimited Addons for WPBakery Page Builder plugin for WordPress, affecting versions through 1.0.42. This issue arises from inadequate validation of file types in the 'importZipFile' function. As a result, authenticated attackers with roles granted access to the plugin (typically editors or contributors) can upload arbitrary files to the server, potentially leading to remote code execution.

Impact

Exploitation of this vulnerability could allow for arbitrary file uploads, which may be used to execute malicious code on the server.

Reproduction

To reproduce this vulnerability, an authenticated user with an editor or contributor role must upload a ZIP file containing a malicious payload through the WordPress admin interface. The 'importZipFile' function will process the upload without properly validating the file type, allowing the arbitrary file to be saved on the server.

Remediation

No known patch is available. It is recommended to uninstall the affected plugin and find a replacement.