Arbitrary file upload in WP Mobile detector
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | N/A |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | This vulnerability is being exploited in the wild. |
| Vulnerable software Subscribe |
WP Mobile detector Web applications / Modules and components for CMS |
| Vendor | WordPress.ORG |
Security Bulletin
This security bulletin contains one critical risk vulnerability.
1) Arbitrary file upload
EUVDB-ID: #VU5851
Risk: Critical
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to upload arbitrary files to compromise the target system.
The weakness exists due to the failure to validate and sanitize input. A remote attacker can send a request toresize.php or timthumb.php inside the plugin directory with the backdoor URL that contains a PHP code.
Successful exploitation of the vulnerability may result in malicious files uploading and vulnerable system compromising.
Note: the vulnerability was being actively exploited.
Update to version 3.7.
WP Mobile detector: 3.6 - 3.7
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
