Platform
wordpress
Component
wp-file-manager
Fixed in
7.2.2
8.3.5
CVE-2023-6825 is a critical directory traversal vulnerability in the File Manager and File Manager Pro plugins for WordPress. It allows attackers to read sensitive files on the server and to upload files to locations outside the directories the plugin is meant to expose. Affected are File Manager up to and including 7.2.1 and File Manager Pro up to and including 8.3.4; the developers have released fixed versions 7.2.2 and 8.3.5 respectively.
The directory traversal in WordPress File Manager lets an attacker bypass the plugin's intended file access restrictions. The 'target' parameter handled by the mk_file_folder_manager_action_callback_shortcode function is used to build a file path without adequate validation, so a value containing traversal sequences such as ../ resolves to files outside the intended directory. An attacker can read sensitive files such as wp-config.php (which holds the database credentials) or other confidential data stored on the server. The same flaw lets them upload files to arbitrary locations the web server user can write to, potentially overwriting existing files or placing a web shell where the server will execute it. In the free version, exploitation requires an administrator account; in the Pro version, no elevated privileges are needed.
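The following is an added illustration, not code from the File Manager plugin or its developers: a small Python model of the flawed pattern described above (a caller-controlled target joined to a root without containment checks) next to a hardened resolver that refuses anything escaping the root. The file layout it builds (an uploads root with wp-config.php one level above it) is constructed for the demonstration; the plugin's real on-disk layout and the exact way it consumes 'target' are not reproduced here.

```python
import os
import tempfile


class TraversalError(ValueError):
    """Raised when a requested target would resolve outside the allowed root."""


def vulnerable_resolve(root: str, target: str) -> str:
    """Model of the flawed pattern: the caller-controlled 'target' is joined to
    the root with no normalisation and no containment check. '../' walks out of
    the root, and an absolute target makes os.path.join discard the root."""
    return os.path.join(root, target)


def hardened_resolve(root: str, target: str) -> str:
    """Resolve 'target' under root and refuse anything that escapes it.

    The value is assumed to be already URL-decoded, as a web stack hands it to
    the application (PHP's $_GET/$_POST hold decoded values), so the check runs
    on the decoded form and no second decode is performed here."""
    if "\x00" in target or os.path.isabs(target) or target.startswith(("/", "\\")):
        raise TraversalError(f"rejected target: {target!r}")
    real_root = os.path.realpath(root)
    # realpath collapses '..' and follows symlinks, so a symlink planted inside
    # the root that points outside it is also rejected by the prefix check.
    candidate = os.path.realpath(os.path.join(real_root, target))
    # Compare with a trailing separator so that '/srv/uploads2' is not treated
    # as being inside '/srv/uploads'.
    if candidate != real_root and not candidate.startswith(real_root + os.sep):
        raise TraversalError(f"rejected target: {target!r}")
    return candidate


def read_under_root(root: str, target: str) -> bytes:
    """Read a file the hardened way (what a 'read' file-manager action should do)."""
    with open(hardened_resolve(root, target), "rb") as fh:
        return fh.read()


def save_under_root(root: str, target: str, data: bytes) -> str:
    """Write an upload the hardened way (what an 'upload' action should do)."""
    path = hardened_resolve(root, target)
    with open(path, "wb") as fh:
        fh.write(data)
    return path


def build_fixture() -> tuple:
    """Constructed layout: <base>/wp-config.php sits one level above the
    file manager's root <base>/uploads, mimicking a WordPress install."""
    base = tempfile.mkdtemp(prefix="cve-2023-6825-demo-")
    root = os.path.join(base, "uploads")
    os.mkdir(root)
    with open(os.path.join(base, "wp-config.php"), "wb") as fh:
        fh.write(b"define('DB_PASSWORD', 's3cret');")
    with open(os.path.join(root, "notes.txt"), "wb") as fh:
        fh.write(b"hello")
    return base, root


def demo() -> dict:
    base, root = build_fixture()
    results = {}
    # 1. The vulnerable pattern happily serves a file outside the root.
    with open(vulnerable_resolve(root, "../wp-config.php"), "rb") as fh:
        results["vulnerable_leaks"] = fh.read()
    # 2. Each of these escapes is refused by the hardened resolver.
    escapes = [
        "../wp-config.php",                    # plain parent traversal
        "sub/../../wp-config.php",             # traversal hidden behind a subdir
        os.path.join(base, "wp-config.php"),   # absolute path
        "../uploads2/anything",                # sibling dir sharing the root's prefix
    ]
    results["blocked"] = []
    for t in escapes:
        try:
            hardened_resolve(root, t)
        except TraversalError:
            results["blocked"].append(t)
    # 3. Legitimate access inside the root still works, for read and upload.
    results["legit_read"] = read_under_root(root, "notes.txt")
    saved = save_under_root(root, "new.txt", b"ok")
    results["upload_inside_root"] = saved.startswith(os.path.realpath(root) + os.sep)
    results["upload_escape_blocked"] = False
    try:
        save_under_root(root, "../shell.php", b"<?php ?>")
    except TraversalError:
        results["upload_escape_blocked"] = True
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The containment check is deliberately done on the resolved path rather than by stripping "../" from the input: string filtering is what double-encoded and backslash variants bypass, whereas comparing realpath output against the root catches every spelling of the same escape, including symlinks.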
CVE-2023-6825 was publicly disclosed on March 13, 2024. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. There are currently public proof-of-concept exploits available, increasing the risk of widespread exploitation. This vulnerability is not currently listed on the CISA KEV catalog.
WordPress sites running the File Manager or File Manager Pro plugin at an affected version (7.2.1 and earlier for the free version, 8.3.4 and earlier for Pro) are at significant risk. Sites on shared hosting where the site owner has limited control over plugin updates are particularly exposed.
• wordpress (server-side): confirm the plugin is installed and compare its version against the fixed releases (free: 7.2.2, Pro: 8.3.5). Matching the function name only confirms the plugin is present; the version decides whether it is vulnerable.
grep -rl 'mk_file_folder_manager_action_callback_shortcode' /var/www/html/wp-content/plugins/
grep -i '^[ *]*Version:' /var/www/html/wp-content/plugins/wp-file-manager/*.php
wp plugin get wp-file-manager --field=version --path=/var/www/html
• generic web (unauthenticated, free version only): the plugin's public readme.txt states the installed release as its "Stable tag". The directory name wp-file-manager is the WordPress.org slug of the free plugin; the Pro plugin installs under its own directory, so check its version from the wp-admin Plugins page. A missing or blocked readme.txt is inconclusive, not a sign the plugin is absent.
curl -s <your_wordpress_site>/wp-content/plugins/wp-file-manager/readme.txt | grep -i 'stable tag'
Exploit Status
EPSS
3.75% (88th percentile)
CVSS vector
The primary mitigation for CVE-2023-6825 is to upgrade File Manager to 7.2.2 or later and File Manager Pro to 8.3.5 or later. If upgrading is not immediately possible, add a Web Application Firewall (WAF) rule that rejects requests whose 'target' parameter contains traversal sequences; the rule must be evaluated on the URL-decoded value (including double-encoded and backslash variants) and must cover POST bodies as well as query strings, otherwise it is trivially bypassed. Additionally, limit the directories the web server user can write to, and on the free version keep administrator accounts well protected, since that is the privilege level the exploit needs there. Review web server access logs for requests carrying traversal sequences in 'target', and check upload directories for newly written PHP files.
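As an added example of the log review and of what a WAF rule has to match (not code from the plugin, the site operator, or any WAF vendor), the Python below runs a traversal check over constructed access-log lines. The parameter name 'target' comes from the advisory; the endpoint path, client addresses and timestamps in the sample lines are made up, and the check is deliberately applied after one, two and three URL-decoding passes so that %2e%2e/ and the double-encoded %252e%252e%252f are caught alongside the literal ../.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Apache/nginx "combined" access-log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) '
)

# A path segment that is exactly '..', bounded by '/' or '\' or the ends.
DOTDOT_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')

# Constructed sample lines: the endpoint, addresses and timestamps are invented
# for the demonstration; only the parameter name 'target' is from the advisory.
SAMPLE_LOG = """\
203.0.113.7 - - [13/Mar/2024:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?target=..%2F..%2Fwp-config.php HTTP/1.1" 200 3512 "-" "curl/8.4.0"
198.51.100.4 - - [13/Mar/2024:10:01:09 +0000] "GET /wp-admin/admin-ajax.php?target=2024%2Freport.pdf HTTP/1.1" 200 88211 "-" "Mozilla/5.0"
203.0.113.7 - - [13/Mar/2024:10:02:44 +0000] "GET /wp-admin/admin-ajax.php?target=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1504 "-" "python-requests/2.31"
192.0.2.9 - - [13/Mar/2024:10:03:10 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 23 "-" "Mozilla/5.0"
"""


def is_traversal_attempt(value: str, max_decodes: int = 3) -> bool:
    """Flag values that escape a directory once decoded.

    The value is checked as received and again after each of up to max_decodes
    URL-decoding passes, so '..%2F', '%2e%2e/' and the double-encoded
    '%252e%252e%252f' are all caught; a rule matching only the literal '../'
    would miss the last two. NUL bytes and absolute paths are flagged too."""
    seen = value
    for _ in range(max_decodes + 1):
        if "\x00" in seen or seen.startswith(("/", "\\")) or DOTDOT_RE.search(seen):
            return True
        decoded = unquote(seen)
        if decoded == seen:
            return False
        seen = decoded
    return False


def scan_log(lines, param: str = "target") -> list:
    """Return one finding per request whose query string carries a traversal
    in 'param'. Only query strings are visible in access logs; a POST body is
    not logged, so this catches the GET form and a WAF is still needed to
    inspect request bodies (the fourth sample line is skipped for that reason)."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        query = urlsplit(m.group("url")).query
        # parse_qs performs one decode; is_traversal_attempt handles further layers.
        for value in parse_qs(query, keep_blank_values=True).get(param, []):
            if is_traversal_attempt(value):
                findings.append({"ip": m.group("ip"), "ts": m.group("ts"), param: value})
    return findings


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG.splitlines()):
        print(hit)
```

The same decode-then-check logic is what a WAF rule must express; engines that normalise arguments before matching do this for you, but a rule written against the raw query string does not, which is why the check above is shown on the decoded layers explicitly.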
Update the File Manager plugin to the latest available version. The vulnerability is present in versions earlier than 7.2.2 (free) and 8.3.5 (Pro); updating resolves the directory traversal vulnerability.
CVE-2023-6825 is a critical vulnerability allowing attackers to read arbitrary files and upload files outside intended directories in WordPress File Manager plugins (versions up to 7.2.1 and 8.3.4).
You are affected if you are using the File Manager or File Manager Pro plugin for WordPress in versions 7.2.1 or lower (free version) or 8.3.4 or lower (Pro version).
Upgrade to the latest version of the File Manager or File Manager Pro plugin. If immediate upgrade is not possible, implement WAF rules to filter suspicious requests.
While no confirmed active exploitation campaigns are known, the vulnerability's severity and available proof-of-concept exploits suggest a high risk of exploitation.
Refer to the plugin developer's website and WordPress.org plugin page for the File Manager or File Manager Pro plugin for the latest updates and security advisories.