Arbitrary File Upload Vulnerability in Greenshift Animation and Page Builder Blocks Plugin for WordPress
CVE-2023-6636

7.2HIGH

Key Information:

Vendor: Wordpress
Status: Greenshift – animation and page builder blocks
Vendor: CVE Published:; 11 January 2024

Summary

The Greenshift Animation and Page Builder Blocks Plugin for WordPress has a vulnerability that allows for arbitrary file uploads. This flaw stems from insufficient file type validation within the 'gspb_save_files' function, present in versions up to 7.6.2. Authenticated administrators or users with elevated privileges can exploit this vulnerability to upload unauthorized files to the server. Consequently, this opens avenues for potential remote code execution, thereby compromising the integrity and security of the affected site.

Affected Version(s)

Greenshift – animation and page builder blocks * <= 7.6.2

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/greenshift-ani...

https://plugins.trac.wordpress.org/changeset/3009030/gree...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 11, 2024
Vulnerability Reserved
Dec 8, 2023

Credit

István Márton