This is a summary of the AI-generated 10-question deep analysis.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: A Local File Inclusion (LFI) vulnerability in the WordPress JSmol2WP Plugin.…
**Root Cause**: Improper input validation in the `jsmol.php` query string. **Flaw**: The plugin fails to sanitize the `query` parameter, allowing directory traversal (`../`) and PHP stream wrappers (`php://filter`).
Q3 Who is affected? (Versions/Components)
**Affected**: WordPress sites using the **JSmol2WP Plugin**. **Version**: Specifically **v1.07** is confirmed vulnerable. Other older versions may also be at risk.
Q4 What can hackers do? (Privileges/Data)
**Hackers Can**: Read **arbitrary files** on the server. **Impact**: Obtain sensitive info, modify data, or perform Server-Side Request Forgery (SSRF). **Privileges**: Context of the affected site.
Q5 Is exploitation threshold high? (Auth/Config)
**Threshold**: **LOW**. **Auth**: No authentication required for exploitation. **Config**: Direct access to the vulnerable endpoint (`jsmol.php`) is sufficient.
Q6 Is there a public Exp? (PoC/Wild Exploitation)
**Public Exp?**: **YES**. **PoC**: Available on GitHub (Henry4E36). **Tools**: Nuclei templates also exist for automated scanning. **Wild Exploitation**: High risk due to simple script availability.
Q7 How to self-check? (Features/Scanning)
**Self-Check**: Scan for `jsmol.php` endpoints. **Test**: Inject `../` and `php://filter/resource=` into the `query` parameter. **Scanner**: Use Nuclei with the specific CVE-2018-20463 template.
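A log-side complement to the self-check above, as an added example that is not part of the original page or of any scanner it names: it flags access-log requests to `jsmol.php` whose `query` parameter carries `../` or a `php://` wrapper, including percent-encoded forms. The combined log format, the `PLUGIN_DIR` path placeholder, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request part of a combined-format access log line (assumed log format).
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Patterns the page names for the `query` parameter: traversal and PHP stream wrappers.
SUSPICIOUS_RE = re.compile(r'\.\.[/\\]|php://', re.IGNORECASE)


def decode_fully(value, rounds=3):
    """Undo repeated percent-encoding (e.g. %252e%252e) before matching."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_jsmol_lfi_attempts(lines):
    """Return (client ip, decoded query value) for suspicious jsmol.php requests."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable request line
        url = urlsplit(m.group("target"))
        if not decode_fully(url.path).lower().endswith("/jsmol.php"):
            continue  # only the endpoint the page identifies
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            value = decode_fully(value)  # parse_qsl already decoded once
            if name.lower() == "query" and SUSPICIOUS_RE.search(value):
                hits.append((m.group("ip"), value))
    return hits


# Constructed sample log lines (documentation IP ranges, placeholder plugin path).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Jan/2019:10:00:01 +0000] "GET /wp-content/plugins/PLUGIN_DIR/jsmol.php?query=php://filter/resource=../../example.txt HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [10/Jan/2019:10:00:03 +0000] "GET /wp-content/plugins/PLUGIN_DIR/jsmol.php?query=%252e%252e%252fexample.txt HTTP/1.1" 200 128 "-" "-"',
    '203.0.113.9 - - [10/Jan/2019:10:02:11 +0000] "GET /wp-content/plugins/PLUGIN_DIR/jsmol.php?query=caffeine HTTP/1.1" 200 2048 "-" "-"',
    '203.0.113.9 - - [10/Jan/2019:10:02:15 +0000] "GET /index.php?query=../example.txt HTTP/1.1" 404 0 "-" "-"',
]

if __name__ == "__main__":
    for ip, value in find_jsmol_lfi_attempts(SAMPLE_LOG):
        print(ip, value)
```

A hit shows that the request was made, not that it succeeded; correlate with the response status and size and with the installed plugin version.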