Better Find and Replace WordPress Plugin Limited Code Injection Vulnerability

Vulnerability

A limited code injection vulnerability has been identified in the Better Find and Replace – AI-Powered Suggestions plugin for WordPress, affecting all versions through 1.7.7. The flaw lies in inadequate input validation in the 'rtafar_ajax' function: the method name supplied in the request is not restricted to the plugin's intended handlers, so authenticated attackers with Subscriber-level access or higher can invoke arbitrary plugin functions and execute the corresponding code.

Impact

Exploitation gives a low-privileged authenticated user the ability to run plugin code paths that their role was never meant to reach, within the context of the affected WordPress site. The injection is limited in that the attacker can only call functions that already exist in the plugin, not supply their own PHP, so the practical impact depends on what those reachable functions do.

Reproduction

To reproduce this vulnerability, an authenticated user with Subscriber-level access sends a request to the WordPress AJAX endpoint (admin-ajax.php) with the 'rtafar_ajax' action. The request must carry a valid 'cs_token' and a 'method' value naming a callable function within the plugin; the plugin then dispatches to that function without checking that the caller is permitted to run it.
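
To make the vulnerable pattern and its fix concrete, the following is an added illustration, not the plugin's own code. It reconstructs the shape of an AJAX dispatcher that calls whatever method the request names after a token check, beside a hardened form that verifies a nonce, checks the caller's capability and only dispatches through a fixed allowlist. Only the 'rtafar_ajax' action and the 'cs_token' and 'method' parameter names come from the advisory; the class names, handler names, the 'manage_options' capability, the option key and the nonce action are assumptions made for the example.

```php
<?php
// Added illustration, not code from the Better Find and Replace plugin.
// Only 'rtafar_ajax', 'cs_token' and 'method' come from the advisory;
// every other name here is hypothetical.

// ---- Vulnerable pattern: dispatch on a caller-supplied method name ---------
class Example_Vulnerable_Ajax {
    public function __construct() {
        // wp_ajax_* hooks fire for ANY logged-in user, Subscribers included.
        add_action( 'wp_ajax_rtafar_ajax', array( $this, 'rtafar_ajax' ) );
    }

    public function rtafar_ajax() {
        // The token proves the request carries a value the plugin issued; it says
        // nothing about WHICH function this particular user may run.
        $token = isset( $_POST['cs_token'] ) ? (string) wp_unslash( $_POST['cs_token'] ) : '';
        if ( '' === $token || ! $this->token_is_valid( $token ) ) {
            wp_send_json_error( 'bad token', 403 );
        }

        $method = isset( $_POST['method'] ) ? sanitize_text_field( wp_unslash( $_POST['method'] ) ) : '';

        // Any public method on this object becomes reachable by name: the set of
        // callable functions is whatever the class happens to define, not a
        // deliberate list, and no capability is checked before the call.
        if ( '' !== $method && is_callable( array( $this, $method ) ) ) {
            call_user_func( array( $this, $method ), $_POST );
        }
        wp_die();
    }

    private function token_is_valid( $token ) {
        // Hypothetical: compare against a token stored in an option.
        return hash_equals( (string) get_option( 'example_cs_token', '' ), $token );
    }

    public function handle_search( $request ) { /* plugin logic */ }
    public function handle_replace( $request ) { /* plugin logic */ }
}

// ---- Hardened form: nonce + capability + allowlist ------------------------
class Example_Hardened_Ajax {
    // Fixed map of request 'method' value => [ handler, required capability ].
    // Nothing outside this table can ever be dispatched.
    private const HANDLERS = array(
        'search'  => array( 'handle_search',  'manage_options' ),
        'replace' => array( 'handle_replace', 'manage_options' ),
    );

    public function __construct() {
        add_action( 'wp_ajax_rtafar_ajax', array( $this, 'rtafar_ajax' ) );
    }

    public function rtafar_ajax() {
        // 1. Nonce (here carried in 'cs_token'): the request originated from a
        //    page this plugin rendered for this user, which blocks CSRF. Dies on failure.
        check_ajax_referer( 'example_rtafar_nonce', 'cs_token' );

        // 2. Authorization: a nonce is not a permission check. Reject roles that
        //    should never touch this endpoint before looking at 'method' at all.
        if ( ! current_user_can( 'manage_options' ) ) {
            wp_send_json_error( 'forbidden', 403 );
        }

        // 3. Allowlist: the request chooses a key, never a function name.
        $method = isset( $_POST['method'] ) ? sanitize_key( wp_unslash( $_POST['method'] ) ) : '';
        if ( ! array_key_exists( $method, self::HANDLERS ) ) {
            wp_send_json_error( 'unknown method', 400 );
        }

        list( $handler, $cap ) = self::HANDLERS[ $method ];
        if ( ! current_user_can( $cap ) ) {
            wp_send_json_error( 'forbidden', 403 );
        }
        $this->$handler( $_POST );
        wp_die();
    }

    private function handle_search( $request ) { /* plugin logic */ }
    private function handle_replace( $request ) { /* plugin logic */ }
}
```

The point of the contrast is the question each check answers. A token or nonce answers "did this request come through the plugin's own UI", a capability check answers "is this user allowed to do this at all", and the allowlist answers "which functions are reachable from the network". The vulnerable shape has only the first, so a Subscriber who obtains a valid token can steer the dispatcher to any method the class exposes; the hardened shape makes the reachable set finite and reviewable and ties each entry to a capability.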

Remediation

Users are advised to update the Better Find and Replace plugin to version 1.7.8 or later, which contains the fix. Sites that cannot update immediately should keep in mind that any account able to log in, including Subscriber-level registrations, can reach the affected endpoint.

Added: Nov 8, 2025, 6:19 AM
Updated: Nov 8, 2025, 6:19 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 6.3
remediation: 7.7
relevance: 1.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.