Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Alex Reservations WordPress Plugin Arbitrary File Upload Vulnerability

Vulnerability

A vulnerability allowing arbitrary file uploads has been identified in the Alex Reservations: Smart Restaurant Booking WordPress plugin, affecting all versions up to and including 2.2.3. The issue arises from inadequate file type validation in the REST endpoint /wp-json/srr/v1/app/upload/file. This flaw enables authenticated attackers with Administrator-level access to upload arbitrary files to the server, potentially leading to remote code execution.

Impact

Exploitation of this vulnerability allows authenticated WordPress administrators to upload malicious PHP files to the server, which could be executed to compromise the site.

Reproduction

To reproduce this vulnerability, an authenticated user with Administrator privileges can upload files through the vulnerable REST endpoint. The uploaded file is then saved to the server without proper validation, allowing for the execution of malicious scripts.

Remediation

Users are advised to update the Alex Reservations WordPress plugin to version 2.2.4 or later.
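The following is an added defender-side triage helper, not code from the plugin or from this advisory's author. It does three things the page's description calls for: decides whether an installed version falls in the affected range (anything before the fixed release 2.2.4), scans web server access logs for POST requests to the upload route named above so that use of the endpoint can be reviewed, and shows the kind of allowlist file name check whose absence the advisory describes. The log layout (Apache/Nginx combined format), the sample log lines, and the allowed-extension list are assumptions made for this example; how version 2.2.4 actually validates uploads is not stated on the page.

```python
import re
from typing import Dict, Iterable, List

# Version range from the advisory: all plugin versions up to and including 2.2.3
# are affected; 2.2.4 is the first fixed release.
FIXED_VERSION = "2.2.4"

# REST route named in the advisory (path under the site's /wp-json/ base).
UPLOAD_ROUTE = "/wp-json/srr/v1/app/upload/file"

# Allowlist of extensions a restaurant-booking upload endpoint plausibly needs.
# Assumed for this example; the plugin's real list, if any, is not on the page.
ALLOWED_EXTENSIONS = {"png", "jpg", "jpeg", "gif", "pdf"}

# Extensions that common PHP hosting configurations execute; any such segment in
# any position (e.g. "menu.php.png" on misconfigured hosts) is rejected.
EXECUTABLE_EXTENSIONS = {"php", "php3", "php4", "php5", "php7", "php8", "phtml", "phar", "phps"}

# Constructed sample access-log lines (combined log format, assumed layout).
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Nov/2025:10:19:02 +0000] "POST /wp-json/srr/v1/app/upload/file HTTP/1.1" 200 142',
    '198.51.100.4 - - [08/Nov/2025:10:19:05 +0000] "GET /wp-json/srr/v1/app/settings HTTP/1.1" 200 880',
    '203.0.113.7 - - [08/Nov/2025:10:19:09 +0000] "POST /wp-json/srr/v1/app/upload/file?x=1 HTTP/1.1" 200 142',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)


def parse_version(version: str) -> tuple:
    """Turn '2.2.3' into (2, 2, 3); non-numeric parts count as 0 so comparison never raises."""
    parts = []
    for piece in version.strip().split("."):
        digits = re.match(r"\d+", piece)
        parts.append(int(digits.group()) if digits else 0)
    return tuple(parts)


def is_vulnerable_version(installed: str) -> bool:
    """True when the installed plugin version predates the fixed release 2.2.4."""
    return parse_version(installed) < parse_version(FIXED_VERSION)


def is_acceptable_upload_name(filename: str) -> bool:
    """Allowlist-style file name check of the kind the vulnerable endpoint lacked.

    Rejects empty names, path separators and NUL bytes, names without an
    extension, any executable extension in any position, and a final extension
    outside ALLOWED_EXTENSIONS. Comparison is case-insensitive.
    """
    name = filename.strip().lower()
    if not name or "/" in name or "\\" in name or "\x00" in name:
        return False
    segments = name.split(".")
    if len(segments) < 2 or not segments[0]:
        return False
    if any(seg in EXECUTABLE_EXTENSIONS for seg in segments[1:]):
        return False
    return segments[-1] in ALLOWED_EXTENSIONS


def find_upload_requests(log_lines: Iterable[str]) -> List[Dict[str, str]]:
    """Return POST requests to the upload route, ignoring any query string."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]
        if m.group("method") == "POST" and path.startswith(UPLOAD_ROUTE):
            hits.append({k: m.group(k) for k in ("ip", "ts", "path", "status")})
    return hits


def triage(installed_version: str, log_lines: Iterable[str]) -> Dict[str, object]:
    """Summarise exposure: affected version or not, and which upload calls the logs show."""
    hits = find_upload_requests(log_lines)
    return {
        "vulnerable_version": is_vulnerable_version(installed_version),
        "upload_requests": len(hits),
        "source_ips": sorted({h["ip"] for h in hits}),
    }


if __name__ == "__main__":
    print(triage("2.2.3", SAMPLE_LOG))
    for name in ("menu.png", "menu.php", "menu.php.png", ".htaccess"):
        print(name, is_acceptable_upload_name(name))
```

Because the endpoint is only reachable with Administrator credentials, hits in the log are not proof of compromise on their own; they identify which accounts and source addresses used the upload route so that the resulting files in the uploads directory can be reviewed. A name-based allowlist is also only half of a proper check: a real WordPress implementation should additionally verify file content, for example through wp_check_filetype_and_ext(), rather than trusting the client-supplied name or MIME type.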

Added: Nov 8, 2025, 10:19 AM
Updated: Nov 8, 2025, 10:19 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 6.5
remediation: 7.7
relevance: 0.9
threat: 8.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.