Arbitrary File Upload Vulnerability in EditorsKit Plugin for WordPress
CVE-2023-6635

7.2HIGH

Key Information:

Vendor: Wordpress
Status: Gutenberg Block Editor Toolkit – EditorsKit
Vendor: CVE Published:; 5 February 2024

Summary

The EditorsKit plugin for WordPress contains a vulnerability that allows authenticated users with administrator-level access to upload arbitrary files due to an absence of file type validation in the 'import_styles' function. This flaw affects versions of the plugin up to and including 1.40.3, potentially enabling attackers to execute remote code by exploiting this security oversight on the affected site's server.

Affected Version(s)

Gutenberg Block Editor Toolkit – EditorsKit * <= 1.40.3

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/block-options/...

https://plugins.trac.wordpress.org/changeset/3010794/bloc...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 5, 2024
Vulnerability Reserved
Dec 8, 2023

Credit

István Márton