Flex QR Code Generator WordPress Plugin Unauthenticated Arbitrary File Upload Vulnerability

A vulnerability exists in the Flex QR Code Generator plugin for WordPress, in all versions through 1.2.6. The issue arises from inadequate file type validation in the 'update_qr_code' function, allowing unauthenticated attackers to upload arbitrary files, including executable PHP scripts. This could lead to remote code execution on the affected site's server.

Impact

Exploitation of this vulnerability allows for arbitrary file uploads, which could be used to execute malicious scripts on the server, leading to remote code execution.

Reproduction

To reproduce this vulnerability, upload a PHP file containing a web shell payload through the 'update_qr_code' AJAX endpoint. The uploaded file will be stored in the WordPress uploads directory, where it can be accessed and executed.

Remediation

No known patch is available. It is recommended to uninstall the affected plugin and find a replacement.