A critical vulnerability has been found in File Manager, a widely used plugin for WordPress, the most popular content management system. The flaw lets an unauthenticated attacker upload a file of their choosing, including PHP code, to the site. That single file is enough to take over the whole site and everything stored on it. Details of the vulnerability:
Plugin name: File Manager
Plugin page: https://wordpress.org/plugins/wp-file-manager/
Affected plugin versions: 6.0 to 6.8
Patched version: 6.9
CVE: CVE-2020-25213
Advisory (NVD): https://nvd.nist.gov/vuln/detail/CVE-2020-25213#VulnChangeHistorySection/
Severity: CVSS v3.1 base score 10.0 (Critical)
Public proof-of-concept: https://github.com/w4fz5uck5/wp-file-manager-0day
The plugin offers many features that make managing a site's files easier, and for part of that work it bundles elFinder, an open-source file manager library. elFinder ships an example connector script, connector.minimal.php.dist, which is not meant to be reachable as shipped. The plugin renamed that file to connector.minimal.php, so the connector became directly callable over the web with none of the plugin's login or capability checks in front of it. Any remote, unauthenticated client could therefore send elFinder's upload command (or mkfile followed by put) to write a file, including PHP, into wp-content/plugins/wp-file-manager/lib/files/ on every site running the vulnerable plugin. In short, this is an unauthenticated arbitrary file upload, and because the web server executes PHP files in that directory, it amounts to remote code execution.
According to the plugin directory, the plugin has been downloaded approximately 600,000 times; the real number of deployed copies is probably higher.
A file upload vulnerability lets an attacker place files of their choosing on the target system. There are many ways an upload can go wrong (missing authentication, no check on file type or name, a writable directory under the web root), and the impact depends on what the server does with the uploaded file: if it will execute the file, as with PHP under a web root, the upload is as good as a shell on the server.
The risks of file upload vulnerabilities are as follows:
To remove the vulnerability, update the plugin to version 6.9 or later. If a site ran a vulnerable version while the flaw was public, updating alone is not enough: assume it may already have been exploited and review it for signs of compromise, for example unexpected PHP files in wp-content/plugins/wp-file-manager/lib/files/ and requests to lib/php/connector.minimal.php in the web server access logs. Any file an attacker uploaded before the update survives the update and keeps working.
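The following is an added example, not code from the plugin or from the page's author, showing how the review described above can be automated: it reads the plugin's version from its WordPress plugin header, flags the affected 6.0 to 6.8 range, scans access-log lines for calls to the exposed elFinder connector and for PHP files served from lib/files, and lists PHP files dropped into that directory. The log lines and the plugin tree it builds are constructed fixtures; the combined log format, the main plugin file name file_folder_manager.php, and the set of "dangerous" file extensions are assumptions.

```python
"""IOC hunt for CVE-2020-25213 (wp-file-manager 6.0-6.8). Added example, not the plugin's code.

Assumed: Apache/Nginx combined-format access logs, the standard WordPress
plugin header ("Version: 6.8"), and the file/path names from the public advisory.
"""
import re
import tempfile
from pathlib import Path
from urllib.parse import parse_qs, urlsplit

CONNECTOR = "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"
DROP_DIR = "/wp-content/plugins/wp-file-manager/lib/files/"
WRITE_CMDS = {"upload", "mkfile", "put"}   # elFinder commands that write files
PATCHED = (6, 9)
PHP_EXT = {".php", ".phtml", ".phar", ".php5", ".php7"}  # assumed "executable" set

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (not real traffic): one exploit upload, one POST
# to the connector, one hit on a dropped webshell, one benign request.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Sep/2020:10:14:02 +0000] "GET /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php?cmd=upload&target=l1_Lw HTTP/1.1" 200 512
203.0.113.7 - - [01/Sep/2020:10:14:03 +0000] "POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1" 200 713
198.51.100.9 - - [01/Sep/2020:10:15:11 +0000] "GET /wp-content/plugins/wp-file-manager/lib/files/shell.php?c=id HTTP/1.1" 200 44
192.0.2.5 - - [01/Sep/2020:10:16:00 +0000] "GET /wp-login.php HTTP/1.1" 200 3456
""".splitlines()


def parse_version(text):
    """Read the version tuple from a WordPress plugin header block."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\d+(?:\.\d+)*)", text, re.M)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None


def is_vulnerable(version):
    """6.0 through 6.8 are affected; 6.9 carries the fix."""
    return version is not None and (6, 0) <= version < PATCHED


def classify(line):
    """Return a reason string if an access-log line is an indicator, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("url"))
    path, method = url.path, m.group("method")
    if path.endswith(CONNECTOR):
        cmd = parse_qs(url.query).get("cmd", [""])[0]
        if cmd in WRITE_CMDS:
            return f"connector write command cmd={cmd}"
        if method == "POST":
            # The command sits in the body, which the log does not record;
            # any unauthenticated POST to the connector deserves a look.
            return "POST to exposed connector"
        return "request to exposed connector"
    if DROP_DIR in path and Path(path).suffix.lower() in PHP_EXT:
        return "PHP file executed from upload directory"
    return None


def suspicious_requests(lines):
    """(ip, url, reason) for every log line that matches an indicator."""
    hits = []
    for line in lines:
        reason = classify(line)
        if reason:
            m = LOG_RE.match(line)
            hits.append((m.group("ip"), m.group("url"), reason))
    return hits


def dropped_php_files(plugin_root):
    """PHP files under lib/files, the directory the exploit writes into."""
    root = Path(plugin_root)
    files_dir = root / "lib" / "files"
    if not files_dir.is_dir():
        return []
    return sorted(p.relative_to(root).as_posix() for p in files_dir.rglob("*")
                  if p.is_file() and p.suffix.lower() in PHP_EXT)


def audit(plugin_root, log_lines):
    """Combine version check, log scan and file-system scan into one report."""
    header = (Path(plugin_root) / "file_folder_manager.php").read_text()  # name assumed
    version = parse_version(header)
    return {"version": version, "vulnerable": is_vulnerable(version),
            "requests": suspicious_requests(log_lines),
            "dropped": dropped_php_files(plugin_root)}


def build_demo_plugin(root):
    """Constructed fixture: a 6.8 plugin tree with one dropped (placeholder) file."""
    root = Path(root)
    (root / "lib" / "files").mkdir(parents=True)
    (root / "file_folder_manager.php").write_text(
        "<?php\n/*\nPlugin Name: File Manager\nVersion: 6.8\n*/\n")
    (root / "lib" / "files" / "shell.php").write_text("<?php /* placeholder, not a real shell */")
    (root / "lib" / "files" / "notes.txt").write_text("benign")
    return root


def demo_report():
    """Run the audit against the constructed fixture and sample log."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit(build_demo_plugin(tmp), SAMPLE_LOG)


if __name__ == "__main__":
    for key, value in demo_report().items():
        print(f"{key}: {value}")
```

Run it against a real site by pointing audit() at wp-content/plugins/wp-file-manager and feeding it the access log lines; a hit on the connector write commands or any PHP file under lib/files means the update alone is not enough and the site needs a full compromise review.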