Unauthenticated Arbitrary File Upload Vulnerability in WordPress User Extra Fields Plugin
CVE-2024-10801

9.8CRITICAL

Key Information:

Vendor: Wordpress
Status: WordPress User Extra Fields
Vendor: CVE Published:; 9 November 2024

Summary

The User Extra Fields plugin for WordPress exhibits a significant vulnerability that allows for arbitrary file uploads. This issue arises due to inadequate file type validation within the ajax_manage_file_chunk_upload() function. Unauthenticated attackers can exploit this weakness to upload harmful files onto the affected server. It is important to note that user registration must be enabled for this vulnerability to be actionable, potentially leading to remote code execution. Website administrators using this plugin should urgently implement protective measures to mitigate risks associated with this vulnerability.

Affected Version(s)

WordPress User Extra Fields * <= 16.5

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://codecanyon.net/item/user-extra-fields/12949844

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 9, 2024
Vulnerability Reserved
Nov 4, 2024

Credit

Tonn