Arbitrary File Upload Vulnerability in Brizy Page Builder for WordPress
CVE-2024-10960

8.8 HIGH

Key Information:

Vendor
Themefusecom (Brizy – Page Builder plugin for WordPress)
CVE Published:
12 February 2025

What is CVE-2024-10960?

CVE-2024-10960 is a vulnerability in the Brizy – Page Builder plugin for WordPress, developed by Themefusecom. The plugin is widely used to build and customise site layouts visually. The flaw is missing file type validation in the plugin's storeUploads function: an authenticated user with Contributor-level access or higher can upload a file of any type, including PHP scripts, to the server. Because WordPress does not grant the Contributor role the upload_files capability, the vulnerable code path is reachable by a lower-privileged role than ordinary media uploads, and a PHP file stored under wp-content/uploads is typically served as executable code, so the likely outcome of exploitation is remote code execution.

Technical Details

All versions of Brizy – Page Builder up to and including 2.6.4 are affected. The storeUploads handler does not check the type or extension of an uploaded file against an allowlist, so an authenticated attacker can bypass the intended upload restrictions and store a file of their choosing in a web-accessible directory. A PHP file placed there can then be requested directly and executed by the web server, giving the attacker code execution as the web server user and a foothold for further compromise of the site and the host. Administrators should update to a version later than 2.6.4 and review the uploads directory for files that should not be there.
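To make the root cause concrete, the following is an added example written for this page; it is not Brizy's code and it does not reproduce the plugin's storeUploads function. It shows a WordPress AJAX upload handler in the weak form the advisory describes (file type taken on trust from the client) next to a hardened form that checks capability, nonce and file content before anything reaches wp-content/uploads. The function names, the AJAX action name example_store_uploads and the nonce name are illustrative assumptions; the WordPress functions called are real core APIs.

```php
<?php
// Added example, not the plugin's code. WordPress core functions are real;
// the function and action names below are illustrative assumptions.

// WEAK: the only check is that a file arrived. Name, extension and MIME type
// all come from the client, so shell.php uploaded with an image MIME string is
// written under wp-content/uploads and served by the web server as PHP.
function example_store_uploads_weak() {
    if ( empty( $_FILES['file'] ) ) {
        wp_send_json_error( 'no file' );
    }
    $upload_dir = wp_upload_dir();
    $dest = trailingslashit( $upload_dir['path'] ) . basename( $_FILES['file']['name'] );
    move_uploaded_file( $_FILES['file']['tmp_name'], $dest );
    wp_send_json_success( array( 'url' => trailingslashit( $upload_dir['url'] ) . basename( $dest ) ) );
}

// HARDENED: authorisation, CSRF token and server-side content validation
// against an explicit allowlist, then a server-chosen filename.
function example_store_uploads_hardened() {
    // 1. Capability check. Contributors do not have upload_files, so the
    //    attacker described in the advisory is stopped before any file is read.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    // 2. Nonce bound to this specific action (assumed action and field name).
    check_ajax_referer( 'example_store_uploads', 'nonce' );

    if ( empty( $_FILES['file'] ) || ! is_uploaded_file( $_FILES['file']['tmp_name'] ) ) {
        wp_send_json_error( 'no file', 400 );
    }

    // 3. Allowlist: only what a page builder needs, never the site-wide list.
    //    SVG is deliberately absent because it can carry script.
    $allowed = array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'gif'      => 'image/gif',
        'webp'     => 'image/webp',
        'pdf'      => 'application/pdf',
    );

    // 4. Validate by content, not by the client-supplied name or MIME string.
    //    wp_check_filetype_and_ext() sniffs the file and returns ext/type only
    //    when the content and the extension agree with an entry in $allowed.
    $check = wp_check_filetype_and_ext(
        $_FILES['file']['tmp_name'],
        $_FILES['file']['name'],
        $allowed
    );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        wp_send_json_error( 'file type not allowed', 415 );
    }

    // 5. Never reuse the client filename. A random base plus the validated
    //    extension removes "shell.php.png" and path tricks in one step.
    $file         = $_FILES['file'];
    $file['name'] = wp_generate_password( 16, false, false ) . '.' . $check['ext'];

    // 6. Let core move the file with the same allowlist; test_form is false
    //    because this is an AJAX request, not a wp-admin form post.
    $result = wp_handle_upload( $file, array( 'test_form' => false, 'mimes' => $allowed ) );
    if ( isset( $result['error'] ) ) {
        wp_send_json_error( $result['error'], 400 );
    }
    wp_send_json_success( array( 'url' => $result['url'] ) );
}

add_action( 'wp_ajax_example_store_uploads', 'example_store_uploads_hardened' );
```

Two points from the advisory map directly onto the hardened version. The "Contributor-level access" wording means the vulnerable path could be reached by a role that cannot normally upload media at all, which is what step 1 closes; and "inadequate file type validation" is what steps 4 and 5 close, and those matter even for Authors and Editors, who may legitimately upload files but must never be able to store PHP.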

Potential Impact of CVE-2024-10960

  1. Remote Code Execution: the most serious outcome is execution of attacker-supplied PHP on the affected server, which gives control of the site and, depending on hosting configuration, a path to the underlying host.

  2. Data Breach Risks: code execution as the web server user exposes the database credentials in wp-config.php and, through them, user records, content and any other data the site holds.

  3. Compromise of Website Integrity: the attacker can plant backdoors, inject malicious content or malware into pages, and serve it to visitors, damaging the organisation's reputation and the trust of its users.

Affected Version(s)

Brizy – Page Builder: all versions up to and including 2.6.4
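The two things an administrator wants to know after reading the affected-version line and the impact section are whether the installed copy is in the affected range and whether anything executable has already landed under wp-content/uploads. The script below is an added example written for this page, not part of the advisory or the plugin. It assumes the default WordPress directory layout and that the plugin's main file is wp-content/plugins/brizy/brizy.php; both are assumptions, so adjust the paths if a site differs.

```php
<?php
// Added example, not from the advisory or the plugin. Run from the CLI:
//   php check-brizy.php /var/www/html
// Assumes the default WordPress layout and that the plugin's main file is
// wp-content/plugins/brizy/brizy.php (an assumption).

const LAST_AFFECTED   = '2.6.4';
const EXEC_EXTENSIONS = array( 'php', 'php3', 'php4', 'php5', 'php7', 'php8', 'phtml', 'phar', 'phps' );

// Read the plugin's Version header without loading WordPress. Core itself
// reads only the first 8 KiB of the file for header data, so we do the same.
function brizy_version( string $wp_root ): ?string {
    $main = $wp_root . '/wp-content/plugins/brizy/brizy.php';
    if ( ! is_readable( $main ) ) {
        return null;
    }
    $head = (string) file_get_contents( $main, false, null, 0, 8192 );
    return preg_match( '/^[ \t\/*#@]*Version:\s*(\S+)/mi', $head, $m ) ? $m[1] : null;
}

// Walk wp-content/uploads and report files a web server might execute, plus
// attacker-dropped .htaccess files and image polyglots that carry PHP.
function suspicious_uploads( string $wp_root ): array {
    $dir = $wp_root . '/wp-content/uploads';
    if ( ! is_dir( $dir ) ) {
        return array();
    }
    $hits = array();
    $it   = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator( $dir, FilesystemIterator::SKIP_DOTS )
    );
    foreach ( $it as $file ) {
        $path = $file->getPathname();
        $name = $file->getFilename();

        // A .htaccess in uploads is a classic way to turn execution back on.
        if ( $name === '.htaccess' ) {
            $hits[] = array( 'path' => $path, 'reason' => '.htaccess in uploads' );
            continue;
        }
        // Check every dotted segment, not just the last: shell.php.png is
        // executed by Apache setups that match PHP anywhere in the name.
        $parts = array_map( 'strtolower', explode( '.', $name ) );
        array_shift( $parts ); // drop the base name
        if ( array_intersect( $parts, EXEC_EXTENSIONS ) ) {
            $hits[] = array( 'path' => $path, 'reason' => 'executable extension' );
            continue;
        }
        // Polyglots: a valid image that also contains a PHP open tag. Only the
        // first 64 KiB is inspected, so this is a screen, not a proof.
        $head = (string) file_get_contents( $path, false, null, 0, 65536 );
        if ( stripos( $head, '<?php' ) !== false || strpos( $head, '<?=' ) !== false ) {
            $hits[] = array( 'path' => $path, 'reason' => 'PHP open tag in content' );
        }
    }
    return $hits;
}

$root = $argv[1] ?? getcwd();
$ver  = brizy_version( $root );
if ( $ver === null ) {
    echo "Brizy not found under $root\n";
} elseif ( version_compare( $ver, LAST_AFFECTED, '<=' ) ) {
    echo "Brizy $ver is in the affected range for CVE-2024-10960 (<= " . LAST_AFFECTED . "); update the plugin.\n";
} else {
    echo "Brizy $ver is outside the affected range.\n";
}
foreach ( suspicious_uploads( $root ) as $hit ) {
    echo "{$hit['reason']}: {$hit['path']}\n";
}
```

A clean scan does not prove the site was never exploited: an attacker who obtained code execution may have moved their foothold elsewhere or removed the original file, so treat a hit as confirmation of compromise and an empty result as one input to a wider review, alongside web server logs showing POST requests to the plugin's upload endpoint followed by GET requests for unfamiliar files under wp-content/uploads.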

CVSS V3.1

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Score: 8.8 (HIGH)
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Timeline

  • Vulnerability published: 12 February 2025

  • Vulnerability reserved

Credit

Matthew Rollings.