Platform
wordpress
Component
wp-file-manager
Fixed in
7.2.2
8.3.5
CVE-2023-6825 is a critical directory traversal vulnerability affecting the File Manager and File Manager Pro plugins for WordPress. This flaw allows attackers to potentially read sensitive files and upload files to unauthorized locations on the server. The vulnerability impacts versions up to 7.2.1 for the free version and 8.3.4 for the Pro version. A patch is available from the plugin developers.
The directory traversal vulnerability in WordPress File Manager allows an attacker to bypass intended file access restrictions. By manipulating the 'target' parameter within the mkfilefoldermanageractioncallbackshortcode function, an attacker can read files outside of the intended directories. This could expose sensitive configuration files, database credentials, or other confidential data stored on the server. Furthermore, the attacker can upload files to arbitrary locations, potentially overwriting critical system files or injecting malicious code. The free version requires administrator access to exploit the vulnerability, while the Pro version is exploitable without elevated privileges.
CVE-2023-6825 was publicly disclosed on March 13, 2024. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. There are currently public proof-of-concept exploits available, increasing the risk of widespread exploitation. This vulnerability is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
3.75% (88% percentile)
CVSS Vector
The primary mitigation for CVE-2023-6825 is to upgrade to the latest version of the File Manager or File Manager Pro plugin, as the developers have released a patch. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to filter requests containing suspicious characters or patterns in the 'target' parameter. Additionally, restrict file upload permissions and implement strict input validation to prevent attackers from manipulating file paths. Regularly review file system access logs for any unauthorized activity.
Update the File Manager plugin to the latest available version. The vulnerability exists in versions prior to 7.2.2. This will resolve the directory traversal vulnerability.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2023-6825 is a critical vulnerability allowing attackers to read arbitrary files and upload files outside intended directories in WordPress File Manager plugins (versions up to 7.2.1 and 8.3.4).
You are affected if you are using the File Manager or File Manager Pro plugin for WordPress in versions 7.2.1 or lower (free version) or 8.3.4 or lower (Pro version).
Upgrade to the latest version of the File Manager or File Manager Pro plugin. If immediate upgrade is not possible, implement WAF rules to filter suspicious requests.
While no confirmed active exploitation campaigns are known, the vulnerability's severity and available proof-of-concept exploits suggest a high risk of exploitation.
Refer to the plugin developer's website and WordPress.org plugin page for the File Manager or File Manager Pro plugin for the latest updates and security advisories.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.