AdRotate Banner Manager Vulnerable to Arbitrary File Uploads
CVE-2022-1206

7.2 HIGH

Key Information:

Summary

The AdRotate Banner Manager plugin for WordPress contains a vulnerability stemming from inadequate file extension sanitization in the adrotate_insert_media() function. The flaw is present in all versions of the plugin up to and including 5.13.2. Authenticated attackers with administrator-level access and above are able to upload files with double extensions to the server of the affected site. Exploitability depends on server configurations that execute a file based on the first extension present rather than the last, in which case the upload can lead to remote code execution. Administrators of WordPress sites using this plugin should update to a fixed version and apply additional hardening.
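The summary describes the general weakness behind double-extension uploads: a check that only inspects the last extension accepts "name.php.jpg" because "jpg" is allowed. The PHP below is an added illustration, not the plugin's source or its fix; the function names weak_extension_check and strict_extension_check, the allow-list and the sample filenames are all constructed for the example. It shows the weak pattern beside a stricter check that validates every extension segment in the name.

```php
<?php
declare(strict_types=1);

// Added illustration (not AdRotate code): the weak last-extension pattern
// behind double-extension uploads, and a stricter check beside it.

/**
 * Weak check: looks only at the LAST extension, so "banner.php.jpg"
 * passes because "jpg" is on the allow-list. This is the class of
 * mistake the advisory describes, not the plugin's actual source.
 */
function weak_extension_check(string $filename, array $allowed): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return in_array($ext, $allowed, true);
}

/**
 * Strict check: every dot-separated segment after the base name must be
 * on the allow-list, so a second extension such as "php" anywhere in the
 * name is rejected regardless of case. Also rejects path separators,
 * NUL bytes, empty segments ("a..jpg") and dotfiles (".htaccess").
 */
function strict_extension_check(string $filename, array $allowed): bool
{
    if ($filename === '') {
        return false;
    }
    foreach (['/', '\\', "\0"] as $forbidden) {
        if (strpos($filename, $forbidden) !== false) {
            return false;
        }
    }
    $segments = explode('.', $filename);
    if (count($segments) < 2 || $segments[0] === '') {
        return false; // no extension at all, or a dotfile
    }
    array_shift($segments); // drop the base name, keep every extension
    foreach ($segments as $segment) {
        if ($segment === '' || !in_array(strtolower($segment), $allowed, true)) {
            return false;
        }
    }
    return true;
}

// Constructed sample names for the demo; the allow-list is an assumption.
$allowed = ['jpg', 'jpeg', 'png', 'gif'];
$samples = [
    'banner.jpg',       // plain image: both checks pass
    'my.banner.png',    // harmless extra dot, every segment allowed
    'banner.php.jpg',   // double extension: weak passes, strict rejects
    'banner.PhP.jpg',   // mixed case is normalised before comparison
    'banner..jpg',      // empty segment: strict rejects
    '.htaccess',        // dotfile: both reject
    'banner.php',       // single script extension: both reject
];

foreach ($samples as $name) {
    printf(
        "%-16s weak=%-6s strict=%s\n",
        $name,
        weak_extension_check($name, $allowed) ? 'pass' : 'reject',
        strict_extension_check($name, $allowed) ? 'pass' : 'reject'
    );
}
```

Run it with `php double_extension_check.php` to see which constructed names each check accepts. In a real WordPress plugin the upload should go through the core helpers (wp_check_filetype_and_ext() and wp_handle_upload()) rather than a hand-rolled check, and the server configuration the summary refers to is the second layer: if the web server is configured so that nothing in the uploads directory is ever executed as a script, a file that slips past the extension check still cannot run.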

Affected Version(s)

AdRotate Banner Manager – The only ad manager you'll need * <= 5.13.2

References

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jörg Steinsträter