Double Extension Attack Vulnerability in Metform Contact Form Builder
CVE-2023-0714
Key Information:
- Vendor: Xpeedstudio
- Product: Metform – Contact Form, Survey, Quiz, & Custom Form Builder For Elementor
- Status
- CVE Published: 17 August 2024
Summary
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to arbitrary file upload because it does not adequately validate the type of uploaded files. The issue affects versions up to and including 3.2.4. An attacker can exploit it with a 'double extension' attack, uploading a file that carries a benign extension while concealing a malicious payload. Depending on the server configuration, this can lead to remote code execution, which is a significant risk to affected WordPress installations. Proper validation and sanitization of file uploads are crucial to mitigating this risk.
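To illustrate the class of validation weakness the summary describes, the following PHP is an added example (not Metform's code and not a description of its actual check): a hypothetical weak filter that accepts a name if any dot-separated segment is an allowed extension, beside a stricter filter that judges only the final extension and rejects executable extensions anywhere in the name. The sample file names are constructed.

```php
<?php
// Added illustration only. Neither function is taken from the Metform plugin.

// Hypothetical weak check: accepts the file if ANY segment of the name is an
// allowed extension, so a doubly extended name such as "photo.jpg.php" passes
// because "jpg" is present.
function weak_is_allowed(string $filename, array $allowed): bool {
    foreach (explode('.', strtolower($filename)) as $part) {
        if (in_array($part, $allowed, true)) {
            return true;
        }
    }
    return false;
}

// Stricter check: only the final extension counts, it must be on the allowlist,
// and no earlier segment may be a server-executable extension (some Apache
// configurations map a handler to any extension in the name, not just the last).
function strict_is_allowed(string $filename, array $allowed): bool {
    $parts = explode('.', strtolower(basename($filename))); // drop directory part
    if (count($parts) < 2) {
        return false;                                      // no extension at all
    }
    $ext = array_pop($parts);
    if (!in_array($ext, $allowed, true)) {
        return false;
    }
    $executable = ['php', 'phtml', 'php3', 'php4', 'php5', 'php7', 'phar', 'cgi', 'pl', 'sh'];
    foreach ($parts as $part) {
        if (in_array($part, $executable, true)) {
            return false;
        }
    }
    return true;
}

// Constructed sample names; the last is a path traversal attempt combined with
// a double extension, which basename() and the segment scan both catch.
$allowed = ['jpg', 'jpeg', 'png', 'gif', 'pdf'];
$samples = ['report.pdf', 'photo.jpg.php', 'image.php.jpg', 'notes.txt', '../evil.phtml.png'];
foreach ($samples as $name) {
    printf("%-20s weak=%-5s strict=%s\n", $name,
        weak_is_allowed($name, $allowed) ? 'allow' : 'deny',
        strict_is_allowed($name, $allowed) ? 'allow' : 'deny');
}
```

An extension check alone is still not sufficient: in WordPress, pair it with wp_check_filetype_and_ext() to confirm the content matches the claimed type, rename stored files to server-chosen names, and keep the upload directory from executing scripts.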
Affected Version(s)
MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.2.4