S2B AI Assistant WordPress Plugin Arbitrary File Upload Vulnerability

A vulnerability allowing arbitrary file uploads has been identified in the S2B AI Assistant WordPress plugin, specifically in versions through 1.7.8. This issue arises from inadequate file type validation in the 'storeFile()' function, which is part of the plugin's upload functionality. As a result, authenticated users with Editor-level access or higher can upload potentially malicious files, such as PHP scripts, to the server. The vulnerability could be exploited to execute remote code, given the right conditions.

Impact

Exploitation of this vulnerability allows authenticated users with Editor privileges or higher to upload arbitrary files, including executable PHP scripts, to the server. This could lead to unauthorized code execution.

Reproduction

To reproduce this vulnerability, an authenticated user with Editor-level access must upload a file through the WordPress admin interface. The upload will bypass standard file type restrictions, allowing the user to send a PHP file that could be executed on the server.

Remediation

Users are advised to update the S2B AI Assistant plugin to version 1.7.9 or later, where this vulnerability has been patched.