PT-2017-14652 · Accesspress · Accesskeys Accesspress Anonymous Post Pro

Colette Chamberland · Published 2017-12-18 · Updated 2018-01-12 · CVE-2017-16949

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: AccessKeys AccessPress Anonymous Post Pro plugin, versions through 3.1.9.

Description: The issue stems from improper input sanitization, which lets an attacker override the plugin's settings for allowed file extensions and maximum upload size. The defect is in the inc/cores/file-uploader.php and file-uploader/file-uploader-class.php files. An attacker can upload any file to the server, including .php files, by sending a request with "action=ap file upload action&allowedExtensions[]=php" to the "/wp-admin/admin-ajax.php" endpoint, resulting in PHP code execution.

Recommendations: For AccessKeys AccessPress Anonymous Post Pro plugin versions through 3.1.9, update to a version later than 3.1.9 to resolve the issue.
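The root cause named above is an upload handler that lets request fields override the server's own allow-list and size limit. The following is an added illustration written for this page in Python (it is not the plugin's PHP and not the vendor's fix): `validate_vulnerable` models the weak pattern, where `allowedExtensions[]` (and an assumed `sizeLimit` field) from the request replace the configured policy, and `validate_hardened` shows the mitigation, taking policy only from server-side configuration and rejecting double extensions. The policy values, the `sizeLimit` field name and the request shapes are constructed assumptions.

```python
"""Server-side upload validation: weak pattern beside the hardened one.

Added illustration (Python, not the plugin's PHP code). Models an AJAX
upload handler that receives client-controlled form fields. The weak
version lets the request override the allowed-extension list and size
limit; the hardened version takes both only from server configuration.
"""
import os
from dataclasses import dataclass, field


@dataclass(frozen=True)
class UploadPolicy:
    """Server-side policy (constructed values, not the plugin's settings)."""
    allowed_extensions: frozenset = frozenset({"jpg", "jpeg", "png", "gif", "pdf"})
    max_bytes: int = 2 * 1024 * 1024


@dataclass
class UploadRequest:
    """Fields as they would arrive in a multipart/form-data POST."""
    filename: str
    size: int
    # Extra POST fields; every one of these is attacker-controlled.
    params: dict = field(default_factory=dict)


def _extension(filename: str) -> str:
    """Final suffix of the basename, lower-cased ('' if there is none)."""
    base = os.path.basename(filename)
    return base.rsplit(".", 1)[1].lower() if "." in base else ""


def validate_vulnerable(req: UploadRequest, policy: UploadPolicy) -> bool:
    """Weak pattern: request fields override the server policy.

    'allowedExtensions' and 'sizeLimit' (the latter an assumed field name)
    are read from the client, so a request can declare 'php' acceptable.
    Mirrors the defect described in the advisory.
    """
    allowed = set(req.params.get("allowedExtensions", policy.allowed_extensions))
    max_bytes = int(req.params.get("sizeLimit", policy.max_bytes))
    return _extension(req.filename) in allowed and req.size <= max_bytes


def validate_hardened(req: UploadRequest, policy: UploadPolicy) -> bool:
    """Hardened: policy comes only from server config; client fields are ignored.

    Every dotted segment after the first must be on the allow-list, so
    'image.php.jpg' is refused although its final suffix is 'jpg'. Names with
    no extension, or with an empty segment (e.g. '.htaccess'), are refused too.
    """
    base = os.path.basename(req.filename)
    segments = base.lower().split(".")
    if len(segments) < 2 or any(not s for s in segments):
        return False
    if any(seg not in policy.allowed_extensions for seg in segments[1:]):
        return False
    return req.size <= policy.max_bytes


if __name__ == "__main__":
    policy = UploadPolicy()
    # Constructed request that asks the server to accept .php files.
    override = UploadRequest("shell.php", 100,
                             {"allowedExtensions": ["php"], "sizeLimit": "999999999"})
    print("weak accepts override:", validate_vulnerable(override, policy))   # True
    print("hardened accepts override:", validate_hardened(override, policy))  # False
```

The hardened check works because nothing the client sends can widen the allow-list: the policy object is constructed on the server and the request's extra fields are never consulted. Checking every dotted segment, rather than only the last one, also closes the double-extension case that a suffix-only check misses.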

Exploit

Fix

Unrestricted File Upload


Weakness Enumeration

Related identifiers

CVE-2017-16949

Affected products

Accesskeys Accesspress Anonymous Post Pro