WordPress Site Checkup Plugin Log File Poisoning Vulnerability

A log file poisoning vulnerability has been identified in the WordPress Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin, affecting all versions through 1.47. This vulnerability allows unauthenticated attackers to inject arbitrary content into log files, potentially leading to a denial-of-service condition by exhausting disk space.

Impact

Exploitation of this vulnerability could result in log file poisoning, allowing for the insertion of arbitrary content into log files. This could cause a denial-of-service condition by exhausting available disk space.

Reproduction

The vulnerability can be reproduced by sending a request to the WordPress site with the 'action' parameter set to 'bill_minozzi_js_error_catched'. This request must include a nonce for verification and a 'bill_js_error_catched' parameter containing the error message to be logged. If the log file exists and is writable, the error message will be appended to the log, poisoning it with the injected content.

Remediation

Users are advised to update the Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin to version 1.48 or later.