Invelity Products Feeds WordPress Plugin Arbitrary File Deletion Vulnerability
Vulnerability
A vulnerability allowing arbitrary file deletion via path traversal has been identified in the Invelity Product Feeds plugin for WordPress, affecting all versions through 1.2.6. The issue arises from inadequate validation and sanitization of a file path in the 'createManageFeedPage' function. The deletion is performed with an authenticated administrator's privileges: an administrator can trigger it directly with a specially crafted request containing path traversal sequences, and an attacker can reach the same code path by persuading an administrator to click a malicious link, potentially deleting arbitrary files on the server.
Impact
Exploitation of this vulnerability allows authenticated administrators to delete arbitrary files on the server.
Reproduction
To reproduce this vulnerability, an authenticated administrator must be tricked into clicking a link that initiates a request to the WordPress admin interface. This request must include a path traversal sequence that exploits the vulnerability in the 'createManageFeedPage' function of the Invelity Product Feeds plugin. Once the link is clicked, the server will process the request and delete the specified file, demonstrating the arbitrary file deletion capability.
Remediation
No known patch is available for this vulnerability. It is recommended to review the vulnerability details and consider uninstalling the affected plugin.
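The root cause described above is a file-deletion routine that trusts a request-supplied path. The following is an added example of how such a handler is hardened; it is not the plugin's own code, and the function names, the `feed_file` request parameter and the `ipf_feeds` upload subdirectory are assumptions made for illustration. The resolver confines deletion to one directory (rejecting `..`, separators and symlinks that escape it via `realpath()`), and the handler pairs it with a capability check and a WordPress nonce, which addresses the "trick an administrator into clicking a link" vector.

```php
<?php
// Added example (not the Invelity Product Feeds plugin's code).
// Assumed names: ipf_resolve_feed_path, ipf_handle_delete_feed, the
// 'feed_file' request parameter and the 'ipf_feeds' upload subdirectory.

/**
 * Resolve a user-supplied file name to a path inside $feed_dir.
 * Returns the canonical path, or null if the name is not a bare file
 * name, the file does not exist, or it resolves outside $feed_dir.
 */
function ipf_resolve_feed_path( string $requested, string $feed_dir ): ?string {
    // Accept only a bare file name: no slashes, no '.' or '..' components.
    if ( $requested === '' || $requested === '.' || $requested === '..'
         || basename( $requested ) !== $requested ) {
        return null;
    }
    $base = realpath( $feed_dir );
    if ( $base === false ) {
        return null;
    }
    // realpath() follows symlinks, so the containment check below also
    // catches a symlinked entry pointing outside the feed directory.
    $candidate = realpath( $base . DIRECTORY_SEPARATOR . $requested );
    if ( $candidate === false ) {
        return null; // does not exist
    }
    if ( strpos( $candidate, $base . DIRECTORY_SEPARATOR ) !== 0 ) {
        return null; // escaped the allowed directory
    }
    return is_file( $candidate ) ? $candidate : null;
}

/**
 * Admin handler: capability check, nonce check, then constrained deletion.
 * Uses real WordPress functions (current_user_can, check_admin_referer,
 * wp_unslash, wp_upload_dir, trailingslashit, wp_die); runs only inside WP.
 */
function ipf_handle_delete_feed(): void {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges.' );
    }
    // The nonce binds the request to the admin's own session and intent, so a
    // link the admin was tricked into clicking fails here.
    check_admin_referer( 'ipf_delete_feed' );

    $requested = isset( $_GET['feed_file'] ) ? (string) wp_unslash( $_GET['feed_file'] ) : '';
    $feed_dir  = trailingslashit( wp_upload_dir()['basedir'] ) . 'ipf_feeds';

    $path = ipf_resolve_feed_path( $requested, $feed_dir );
    if ( $path === null ) {
        wp_die( 'Invalid feed file.' );
    }
    unlink( $path );
}

// Stand-alone check of the resolver (constructed temp directory, outside WordPress).
if ( PHP_SAPI === 'cli' && ! function_exists( 'add_action' ) ) {
    $dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'ipf_feeds_' . getmypid();
    mkdir( $dir );
    file_put_contents( $dir . DIRECTORY_SEPARATOR . 'shop.xml', '<feed/>' );

    assert( ipf_resolve_feed_path( 'shop.xml', $dir ) === realpath( $dir . '/shop.xml' ) );
    assert( ipf_resolve_feed_path( '../wp-config.php', $dir ) === null );
    assert( ipf_resolve_feed_path( '..', $dir ) === null );
    assert( ipf_resolve_feed_path( '/etc/passwd', $dir ) === null );
    assert( ipf_resolve_feed_path( 'missing.xml', $dir ) === null );

    unlink( $dir . DIRECTORY_SEPARATOR . 'shop.xml' );
    rmdir( $dir );
    echo "resolver checks passed\n";
}
```

Run the file with `php -d zend.assertions=1 example.php` to exercise the resolver outside WordPress; inside a plugin only the two functions would be kept and the handler wired to the admin action that renders the feed management page.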
