CVE-2024-12544

Name of the Vulnerable Software and Affected Versions SurveyJS: Drag & Drop WordPress Form Builder plugin versions up to and including 1.12.17

Description The issue allows authenticated attackers with Subscriber-level access and above to delete arbitrary files on the server due to a missing capability check on the callback function of the SurveyJS DeleteFile class. This can lead to remote code execution when a critical file, such as wp-config.php, is deleted. The function is also vulnerable to Cross-Site Request Forgery.

Recommendations For versions up to and including 1.12.17, consider disabling the SurveyJS DeleteFile class until a patch is available to prevent arbitrary file deletion. Restrict access to the callback function of the SurveyJS DeleteFile class to minimize the risk of exploitation. Avoid using the SurveyJS DeleteFile class in the affected plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.