Advanced File Manager Stored Cross-Site Scripting Vulnerability via SVG Uploads
Vulnerability
A stored cross-site scripting vulnerability has been identified in the Advanced File Manager WordPress plugin, specifically in versions through 5.2.14. This issue arises from inadequate input sanitization and output escaping, allowing authenticated attackers with Subscriber-level access or higher, and permissions granted by an Administrator, to upload SVG files containing malicious scripts. These scripts are executed when users access the SVG files.
Impact
Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the file.
Reproduction
To reproduce this vulnerability, an authenticated user with Subscriber-level access or higher must upload an SVG file containing malicious scripts using the Advanced File Manager plugin. The uploaded file should then be accessed by another user, triggering the execution of the injected scripts.
Remediation
Users are advised to update the Advanced File Manager plugin to version 5.3.0 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.