Elegance Menu WordPress Plugin Local File Inclusion Vulnerability

A local file inclusion vulnerability has been identified in the Elegance Menu plugin for WordPress, affecting all versions up to and including 1.9. The vulnerability arises in the 'elegance-menu' attribute of the 'elegance-menu' shortcode, allowing authenticated attackers with Contributor-level access and above to include and execute arbitrary PHP files on the server. This exploitation could bypass access controls, access sensitive data, or execute code in cases where PHP files can be uploaded and included.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of PHP code on the server, potentially allowing attackers to bypass access controls, access sensitive information, or execute malicious actions, especially in environments where uploaded PHP files can be included and executed.

Reproduction

To reproduce this vulnerability, an authenticated user with Contributor-level access or higher can use the 'elegance-menu' shortcode and include a malicious PHP file through the 'elegance-menu' attribute. The included file will be executed on the server, allowing for arbitrary code execution.

Remediation

No known patch is available for this vulnerability. Users are advised to review the vulnerability details and consider uninstalling the affected plugin.