This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Remote Code Execution (RCE) in WordPress File Upload plugin. <br>π₯ **Consequences**: Attackers can execute arbitrary code on the server, read/delete files, and take full control of the WordPress instance.β¦
π‘οΈ **Root Cause**: CWE-94 (Code Injection). <br>π **Flaw**: The `wfu_file_downloader.php` file fails to sanitize the `source` parameter. It allows user-defined directory paths, leading to unsafe code execution.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: WordPress plugin **WordPress File Upload** (by nickboss/Iptanus). <br>π **Versions**: All versions up to and including **4.24.15**. If you are running this version or older, you are at risk!
β‘ **Threshold**: **LOW**. <br>π **Auth**: **None required** (Unauthenticated). <br>π **Access**: Network-accessible (AV:N). Any visitor can trigger this vulnerability. No login needed!
Q6Is there a public Exp? (PoC/Wild Exploitation)
π£ **Public Exploit**: **YES**. <br>π **PoC**: Available on GitHub (by Chirag Artani/Sachinart). <br>π **Wild Exploitation**: High risk. Proof-of-concept code is public, making it easy for malicious actors to weaponize.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: <br>1. Check your WordPress plugins for **WordPress File Upload**. <br>2. Verify version number (<= 4.24.15). <br>3. Scan for the presence of `wfu_file_downloader.php`. <br>4.β¦
π§ **No Patch? Workaround**: <br>1. **Disable** the plugin immediately if not needed. <br>2. **Restrict access** to `wfu_file_downloader.php` via .htaccess or WAF rules. <br>3.β¦
π₯ **Urgency**: **CRITICAL**. <br>β³ **Priority**: **IMMEDIATE ACTION**. <br>π **Impact**: CVSS 9.8 (High). Unauthenticated RCE is a top-tier threat. Patch now to prevent server compromise!