This is a summary of the AI-generated 10-question deep analysis.
Q1: What is this vulnerability? (Essence + Consequences)
**Essence**: Unrestricted File Upload in 'I Draw' plugin. **Consequences**: Attackers upload malicious files (e.g., PHP shells), leading to full server compromise, data theft, or site defacement.…
**Affected**: WordPress Plugin 'I Draw'. **Versions**: Version 1.0 and earlier. **Vendor**: aidraw. **Note**: Core WordPress is not directly vulnerable, only this specific plugin.
Q4: What can hackers do? (Privileges/Data)
**Hackers Can**: Execute arbitrary PHP code on the server. **Privileges**: Gain remote code execution (RCE). **Data**: Access sensitive site data, database credentials, or install backdoors.…
**Public Exploit**: YES. **PoC Available**: GitHub repo by 'Nxploited' provides a Python script. **Status**: Active PoC exists, making exploitation straightforward for anyone with access to the tool.
Q7: How to self-check? (Features/Scanning)
**Self-Check**: Scan for 'I Draw' plugin version ≤ 1.0. **Inspect**: Check upload directories for suspicious `.php` files. **Tool**: Use the provided PoC script against target URLs to verify vulnerability.…
**Official Patch**: The available data does not explicitly confirm a release date for a fixed version, but Patchstack lists the vulnerability. **Action**: Check vendor 'aidraw' for updates.…