This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Arbitrary File Upload in SurveyJS plugin. π **Consequences**: Attackers can upload malicious files (e.g., webshells), leading to **Remote Code Execution (RCE)** and full server compromise.β¦
π‘οΈ **Root Cause**: Missing file type validation. π« The plugin allows uploading **dangerous file types** without checking extensions or content. π **CWE-434**: Unrestricted Upload of File with Dangerous Type.
Q3Who is affected? (Versions/Components)
π¦ **Product**: WordPress Plugin: SurveyJS: Drag & Drop Form Builder. π’ **Vendor**: devsoftbaltic. π **Affected Versions**: **1.9.136 and earlier**. β Safe if version > 1.9.136.
π» **Exploit Available**: Yes! π **PoC**: Public GitHub PoC by RandomRobbieBF. π Link: `https://github.com/RandomRobbieBF/CVE-2024-50427`. β‘ **Status**: Active exploitation possible for authenticated users.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: 1. Check WP Plugin list for 'SurveyJS'. 2. Verify version β€ 1.9.136. 3. Scan for uploaded `.php` or `.exe` files in upload directories. π§ͺ Use automated scanners detecting CWE-434.
Q8Is it fixed officially? (Patch/Mitigation)
π§ **Fix**: Update SurveyJS plugin to version **> 1.9.136**. π’ **Vendor**: devsoftbaltic. π **Published**: 2024-10-29. π Patchstack also lists this vulnerability entry.
Q9What if no patch? (Workaround)
π§ **No Patch?**: 1. **Disable** the plugin immediately. 2. **Restrict** file upload permissions in `wp-config.php` or server config. 3. **Block** `.php` execution in upload folders via `.htaccess` or Nginx rules.β¦
π₯ **Urgency**: HIGH. π¨ CVSS Score: **9.8** (Critical). β‘ Even with auth requirement, Subscriber accounts are easy to obtain. π£ RCE risk is severe. π **Action**: Patch or disable IMMEDIATELY.