This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: Arbitrary File Upload vulnerability in Smallerik File Browser…
**Root Cause**: **CWE-434** (Unrestricted Upload of File with Dangerous Type). The plugin fails to validate file extensions or content types before saving uploads. No sanitization or allow-listing is implemented.
Q3 Who is affected? (Versions/Components)
**Affected**: **Smallerik File Browser** WordPress plugin. **Version**: 1.1 and earlier. **Vendor**: Enrico Sandoli. Note: WordPress core is not directly vulnerable; the risk comes from sites that have this plugin installed.
Q4 What can hackers do? (Privileges/Data)
**Attacker Actions**: Upload PHP/JS shells. **Privileges**: Execute arbitrary code on the server. **Data**: Read/write sensitive files, steal user data, or pivot to internal networks…
**Threshold**: **Low** for Auth, **High** for Access. Requires **PR:L** (Low Privileges), meaning the attacker needs a valid WordPress account (even subscriber level). No user interaction needed (UI:N)…
**Self-Check**: 1. Scan installed plugins for `Smallerik File Browser`. 2. Check whether the version is 1.1 or earlier. 3. Locate the upload endpoints in the plugin. 4. Test whether `.php` files can be uploaded via the file browser interface…
**Urgency**: **HIGH**. The CVSS vector indicates high impact on confidentiality, integrity and availability (C:H, I:H, A:H). Even with PR:L, the low attack complexity (AC:L) makes it dangerous. **Priority**: Patch immediately or disable the plugin to prevent RCE…