InstaWP Connect
cpe:2.3:a:instawp:instawp_connect:*:*:*:*:wordpress:*:*
- <= 0.1.0.85
A local file inclusion vulnerability has been identified in the InstaWP Connect WordPress plugin, in versions through 0.1.0.85. The issue arises in the handling of the 'instawp-database-manager' parameter, which allows unauthenticated attackers to include and execute arbitrary files on the server. Any PHP code in an included file is executed, which can be used to bypass access controls, access sensitive information, or achieve code execution where certain file types can be uploaded and then included.
Exploitation of this vulnerability could lead to unauthorized execution of PHP code on the server, with the potential to access sensitive data or manipulate server functions, depending on the executed code.
The vulnerability can be reproduced by sending a request to a WordPress site with the InstaWP Connect plugin installed, using the 'instawp-database-manager' parameter to specify a file to include. The specified file must be accessible on the server and can contain PHP code that will be executed when the file is included.
Users are advised to update the InstaWP Connect plugin to version 0.1.0.86 or later.
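For triage, the following added example (not taken from the advisory or from the plugin's code) scans web access logs for requests that carry the 'instawp-database-manager' parameter and checks an installed plugin version against the fixed release. It assumes common/combined-format logs and that the parameter arrives in the query string; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

PARAM = "instawp-database-manager"   # parameter named in the advisory
FIXED = (0, 1, 0, 86)                # first fixed release per the advisory
# Client, request target and status of a common/combined-format log line.
LINE_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def is_affected(version):
    """True when a dotted plugin version is older than the fixed release."""
    return tuple(int(part) for part in version.split(".")) < FIXED

def classify(value):
    """Label a parameter value that looks like a filesystem path."""
    for _ in range(3):               # bounded re-decoding catches double encoding
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    path = value.replace("\\", "/")
    reasons = []
    if ".." in path.split("/"):
        reasons.append("traversal")
    if path.startswith("/") or re.match(r"[A-Za-z]:/", path):
        reasons.append("absolute-path")
    return reasons or ["parameter-present"]

def scan(lines):
    """Return one finding per request that carries PARAM in its query string."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        for key, value in parse_qsl(urlsplit(m["target"]).query, keep_blank_values=True):
            if key == PARAM:
                findings.append({"ip": m["ip"], "status": m["status"],
                                 "reasons": classify(value)})
    return findings

# Constructed sample log lines (documentation-range IPs, placeholder paths).
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /?instawp-database-manager=..%2F..%2Fconstructed%2Fpath HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET /?instawp-database-manager=%252e%252e%252fconstructed HTTP/1.1" 200 512',
    '198.51.100.4 - - [01/Jan/2024:10:01:00 +0000] "GET /wp-login.php HTTP/1.1" 200 4096',
    '198.51.100.9 - - [01/Jan/2024:10:02:00 +0000] "GET /?instawp-database-manager=abc123 HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Requests that carry the parameter in a POST body do not appear in standard access logs, so an empty result does not rule out attempts against an affected version.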