WordPress File Upload Plugin Missing Capability Check Vulnerability Allowing Limited Path Traversal

Vulnerability

A vulnerability exists in the WordPress File Upload plugin in all versions up to and including 4.24.15. The issue is a missing capability check in the 'wfu_ajax_action_read_subfolders' function: the handler does not verify that the requesting user is authorized to call it. This flaw enables authenticated attackers with Subscriber-level access or higher to perform limited path traversal, allowing them to view directories and subdirectories within WordPress. The vulnerability does not permit access to the files themselves.

Impact

Exploitation of this vulnerability could lead to unauthorized directory traversal, allowing attackers to enumerate the directory structure (folder and subfolder names) of the WordPress installation. File contents are not exposed.

Reproduction

To reproduce this vulnerability, an authenticated user with Subscriber-level access or higher sends a request that triggers the 'wfu_ajax_action_read_subfolders' function. Because the handler performs no capability check, the request succeeds and returns the subfolder structure of the upload directories defined in WordPress File Upload shortcodes.

Remediation

Users are advised to update the WordPress File Upload plugin to version 4.25.0 or later.
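The following is an added, hypothetical example and not the plugin's own code: a WordPress AJAX handler that lists subfolders while enforcing the authorization check this advisory says was missing. The action name 'myplugin_read_subfolders', the nonce action and the 'manage_options' capability are assumptions; the plugin's actual handler, parameters and capability requirements are not on this page.

```php
<?php
// Added, hypothetical example (not the plugin's code). Shows the controls a
// wp_ajax_* handler that reads subfolders needs: nonce, capability check,
// and confinement to the uploads directory.

add_action( 'wp_ajax_myplugin_read_subfolders', 'myplugin_read_subfolders' );

function myplugin_read_subfolders() {
    // 1. CSRF protection: the request must carry a valid nonce.
    check_ajax_referer( 'myplugin_read_subfolders', 'nonce' );

    // 2. Capability check. This is the control the advisory describes as
    //    missing: every wp_ajax_* action is reachable by any logged-in user
    //    (Subscribers included), so authorization must happen here.
    //    'manage_options' is an assumed requirement for this example.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }

    // 3. Confine the requested path to the uploads base directory, so a
    //    traversal sequence such as "../" cannot escape it.
    $uploads  = wp_upload_dir();
    $base     = realpath( $uploads['basedir'] );
    $relative = isset( $_POST['dir'] ) ? sanitize_text_field( wp_unslash( $_POST['dir'] ) ) : '';
    $target   = realpath( $base . '/' . ltrim( $relative, '/' ) );

    if ( false === $target || 0 !== strpos( $target . '/', $base . '/' ) ) {
        wp_send_json_error( array( 'message' => 'Invalid directory' ), 400 );
    }

    // 4. Return directory names only; never file names or contents.
    $subfolders = array();
    foreach ( scandir( $target ) as $entry ) {
        if ( '.' === $entry || '..' === $entry ) {
            continue;
        }
        if ( is_dir( $target . '/' . $entry ) ) {
            $subfolders[] = $entry;
        }
    }

    wp_send_json_success( $subfolders );
}
```

Note that `wp_send_json_error()` and `wp_send_json_success()` terminate the request, so the capability and path checks act as hard gates rather than advisory warnings.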

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 2.5
exploitability: 6.4
remediation: 7.7
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.