This is a summary of the AI-generated 10-question deep analysis.
Q1: What is this vulnerability? (Essence + Consequences)

**Essence**: Arbitrary File Upload via missing validation in `upload-handler.php`. …

- **Vendor**: AIT Themes.
- **Product**: AIT CSV import/export.
- **Affected Versions**: **3.0.3 and earlier**.
- **Platform**: WordPress sites using this specific plugin.

Q4: What can hackers do? (Privileges/Data)

- **Privileges**: **Full System Control**.
- **Data**: Complete access to server files, database, and user data.
- **Impact**: High (CVSS 9.8). …

- **Threshold**: **LOW**.
- **Auth**: No authentication required (`PR:N`).
- **UI**: No user interaction needed (`UI:N`).
- **Access**: Network accessible (`AV:N`). Easy to exploit remotely.

Q6: Is there a public exploit? (PoC/Wild Exploitation)

- **Exploit Status**: **YES**.
- **Evidence**: Public Metasploit module exists (`wp_ait_csv_rce.rb`).
- **Advisories**: Confirmed by Acunetix, WordFence, and WPScan. Wild exploitation is highly likely.

Q7: How to self-check? (Features/Scanning)

**Self-Check**:

1. Scan for the `AIT CSV import/export` plugin.
2. Verify version is **≤ 3.0.3**.
3. Check for `upload-handler.php` in the plugin directory.
4. …
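
The first three self-check steps can be run locally against a site's plugins directory. The Python below is an added example, not part of the original analysis or the vendor's code; the `NAME_HINT` header match, the function names and the constructed sample tree in `demo()` are assumptions.

```python
import re
import sys
import tempfile
from pathlib import Path

MAX_AFFECTED = (3, 0, 3)        # page: "3.0.3 and earlier"
HANDLER = "upload-handler.php"  # page: file with the missing upload validation
NAME_HINT = "ait csv"           # assumption: substring of the "Plugin Name" header
NAME_RE = re.compile(r"^[ \t/*#@]*Plugin Name:[ \t]*(.+)$", re.I | re.M)
VER_RE = re.compile(r"^[ \t/*#@]*Version:[ \t]*(\d+(?:\.\d+)*)", re.I | re.M)

def parse_version(text):
    """'3.0.3' -> (3, 0, 3); trailing '.0' groups dropped so 3.0.3.0 == 3.0.3."""
    return tuple(int(p) for p in re.sub(r"(\.0+)*$", "", text).split("."))

def audit(plugins_dir):
    """Return one finding per installed plugin whose header matches NAME_HINT."""
    findings = []
    for plugin in sorted(p for p in Path(plugins_dir).iterdir() if p.is_dir()):
        for main in sorted(plugin.glob("*.php")):
            # WordPress reads plugin headers from the first 8 KB of the file.
            head = main.read_text(encoding="utf-8", errors="replace")[:8192]
            name = NAME_RE.search(head)
            if not name or NAME_HINT not in name.group(1).lower():
                continue
            ver = VER_RE.search(head)
            version = parse_version(ver.group(1)) if ver else None
            findings.append({
                "plugin_dir": plugin.name,
                "version": ver.group(1) if ver else None,
                # A missing version fails closed: affected until verified.
                "affected": version is None or version <= MAX_AFFECTED,
                "handlers": sorted(h.relative_to(plugin).as_posix()
                                   for h in plugin.rglob(HANDLER)),
            })
            break
    return findings

def demo():
    """audit() over a constructed plugins tree (sample data, hypothetical names)."""
    with tempfile.TemporaryDirectory() as root:
        admin = Path(root, "sample-plugin", "admin")
        admin.mkdir(parents=True)
        (admin / HANDLER).write_text("<?php // constructed stub\n")
        (admin.parent / "sample-plugin.php").write_text(
            "<?php\n/* Plugin Name: AIT CSV Import/Export\n * Version: 3.0.3\n */\n")
        return audit(root)

if __name__ == "__main__":
    for finding in (audit(sys.argv[1]) if len(sys.argv) > 1 else demo()):
        print(finding)
```

Pass the site's `wp-content/plugins` path as the only argument; a finding with `affected: True` and a non-empty `handlers` list matches all three checks.
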

**No Patch Workaround**:

1. **Disable/Uninstall** the plugin if not needed.
2. **Restrict File Uploads**: Use WAF rules to block PHP uploads in the upload directory.
3. …