CVE-2023-4238

Prevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload

Severity Score

7.2

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Prevent files / folders access WordPress plugin before 2.5.2 does not validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.

El complemento Impedir el acceso a archivos/carpetas de WordPress anteriores a 2.5.2 no valida los archivos que se cargarán, lo que podría permitir a los atacantes cargar archivos arbitrarios como PHP en el servidor.

The Prevent files / folders access plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the mo_media_restrict_page function in versions up to, and including, 2.5.1. This makes it possible for authenticated attackers, with administrator-level privileges and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

*Credits: Dmitrii, WPScan

CVSS Scores

NISTv3.1 7.2

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-08-08 CVE Reserved
2023-08-28 CVE Published
2023-09-12 First Exploit
2024-08-02 CVE Updated
2024-10-01 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-434: Unrestricted Upload of File with Dangerous Type

CAPEC

References (2)

URL	Tag	Source

URL	Date	SRC
https://github.com/codeb0ss/CVE-2023-4238-PoC	2023-09-12
https://wpscan.com/vulnerability/53816136-4b1a-4b7d-b73b-08a90c2a638f	2024-08-02

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Miniorange Search vendor "Miniorange"		Prevent Files \/ Folders Access Search vendor "Miniorange" for product "Prevent Files \/ Folders Access"				< 2.5.2 Search vendor "Miniorange" for product "Prevent Files \/ Folders Access" and version " < 2.5.2"		wordpress		Affected