WPCasa WordPress Plugin Code Injection Vulnerability

Vulnerability

A code injection vulnerability exists in the WPCasa plugin for WordPress in all versions up to and including 1.4.1. The plugin's 'api_requests' function does not adequately validate the user-supplied input it acts on, which lets unauthenticated attackers cause the plugin to call arbitrary functions and thereby execute code on the server.

Impact

Successful exploitation gives an unauthenticated attacker code execution on the server hosting the WordPress site, running with the privileges of the web server or PHP process. In practice this means full compromise of the site and its database, and a foothold on the host.

Reproduction

The vulnerable code path is reached by sending a request to the WordPress site that carries the 'wpsight-api' query variable. The 'api_requests' function is hooked to WordPress's 'parse_request' action, so it runs for any request that populates that variable, whether the value is supplied directly as a query-string parameter or arrives through another route that populates the query variables (the REST API is one such route). No authentication is required. Because the function does not properly restrict which functions may be named, the value supplied in that variable determines what gets called, which is what turns a single unauthenticated request into arbitrary code execution.
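The shape of this bug class, as an added illustration that is not WPCasa's own code (the real 'api_requests' function is not reproduced here): a request-driven dispatcher in which the 'wpsight-api' value selects the callee, placed beside a hardened version that uses a fixed dispatch table. The handler name wpsight_api_ping, the dispatch table, and the use of a plain $query_vars array as a stand-in for WordPress's $wp->query_vars are assumptions made for the demo.

```php
<?php
// Added illustration of the bug class described above; this is NOT WPCasa's
// own code. The real handler's shape is assumed: $query_vars stands in for
// WordPress's $wp->query_vars after 'parse_request', and the handler
// function names below are made up for the demo.

// A legitimate API handler the plugin author intends to expose.
function wpsight_api_ping(): string
{
    return 'pong';
}

/**
 * Unsafe pattern: the value of the 'wpsight-api' query variable is used to
 * choose the function that runs. String sanitizers (esc_attr(),
 * sanitize_text_field(), strtolower()) only clean characters; they do not
 * restrict WHICH function may be named, so every defined function is
 * reachable by an unauthenticated request.
 */
function unsafe_api_dispatch(array $query_vars): ?string
{
    if (empty($query_vars['wpsight-api'])) {
        return null; // not an API request, let WordPress continue
    }
    $api = strtolower((string) $query_vars['wpsight-api']);
    if (function_exists($api)) {
        return (string) call_user_func($api); // attacker-controlled callee
    }
    return null;
}

// Hardened pattern: a fixed dispatch table. The request selects a KEY; the
// code, not the request, decides which callable is bound to that key.
const WPSIGHT_API_HANDLERS = [
    'ping' => 'wpsight_api_ping',
];

function safe_api_dispatch(array $query_vars): ?string
{
    if (empty($query_vars['wpsight-api'])) {
        return null;
    }
    $api = strtolower((string) $query_vars['wpsight-api']);
    // Unknown key: refuse. Never fall back to function_exists()/class_exists()
    // on the raw value, and never build a callable name from it.
    if (!array_key_exists($api, WPSIGHT_API_HANDLERS)) {
        return null; // in WordPress: status_header(400) and exit
    }
    $handler = WPSIGHT_API_HANDLERS[$api];
    // Each handler still has to do its own capability/nonce checks; the
    // allowlist only limits what can be reached, not who may call it.
    return (string) call_user_func($handler);
}

// Demo: one request from an attacker naming a built-in, one legitimate request.
$attacker_request = ['wpsight-api' => 'php_uname']; // any defined function name works here
$legit_request    = ['wpsight-api' => 'ping'];

echo "unsafe, attacker: ", var_export(unsafe_api_dispatch($attacker_request), true), "\n";
echo "safe,   attacker: ", var_export(safe_api_dispatch($attacker_request), true), "\n";
echo "safe,   legit:    ", var_export(safe_api_dispatch($legit_request), true), "\n";
```

Run it with the PHP CLI. The unsafe dispatcher happily calls the built-in the attacker named, while the hardened one returns null for anything that is not a key in the table. The same reasoning applies to variants that do class_exists() followed by new $api(), or that concatenate the raw value into a hook or method name: the fix is always to map request input to a fixed set of code-chosen callables, never to derive the callable from the input.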

Remediation

Users are advised to update the WPCasa plugin to version 1.4.2 or later, and to confirm the installed version after updating. Until the update is applied, deactivating the plugin removes the 'parse_request' hook and with it the reachable code path; sites that were exposed while running a vulnerable version should also be reviewed for signs of compromise, since exploitation requires no authentication.

Added: Sep 23, 2025, 5:18 AM
Updated: Sep 23, 2025, 5:18 AM

Vulnerability Rating

Custom Algorithm
spread          0.0
impact         10.0
exploitability  8.4
remediation     7.7
relevance       0.5
threat          4.8
urgency         2.9
incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.