We strongly recommend ensuring that your site has been updated to the latest patched version of “Download Manager”, which is version 3.2.53 at the time of this publication.ĭescription: Authenticated (Contributor+) Arbitrary File DeletionĪffected Versions: package->getFiles( $post_id, false) foreach ( $files as $file ) The plugin was fully patched the next day on July 27, 2022. We never received a response so we sent the full details to the plugins team on July 26, 2022. We attempted to reach out to the developer on July 8, 2022, the same day we discovered the vulnerability.
Wordfence Free users will receive this same protection 30 days later on August 7, 2022. Wordfence Premium, Wordfence Care, and Wordfence Response received a firewall rule on Jto provide protection against any attackers that try to exploit this vulnerability. If an attacker deletes the wp-config.php file they can gain administrative privileges, including the ability to execute code, by re-running the WordPress install process.
This flaw makes it possible for an authenticated attacker to delete arbitrary files hosted on the server, provided they have access to create downloads. On Jthe Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Download Manager,” a WordPress plugin that is installed on over 100,000 sites.
0 kommentar(er)
