Unauthorized Media Upload Vulnerability in The Post Form Plugin
CVE-2024-1169

7.5HIGH

Key Information:

Vendor: Wordpress
Status: Post Form – Registration Form – Profile Form For User Profiles – Frontend Content Forms For User Submissions (ugc)
Vendor: CVE Published:; 7 March 2024

Summary

The BuddyForms plugin for WordPress, which facilitates the creation of frontend content forms for user submissions, is exposed to a serious security flaw. Due to a missing capability check in the buddyforms_upload_handle_dropped_media function, all versions up to and including 2.8.7 are susceptible to unauthorized media uploads. This vulnerability allows unauthenticated attackers to exploit the upload function, potentially leading to further attacks or unauthorized access to the website. It is imperative for WordPress site administrators using this plugin to apply the necessary security updates and restrict user capabilities to mitigate the risk posed by this vulnerability.

Affected Version(s)

Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) * <= 2.8.7

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/buddyforms/tru...

https://plugins.trac.wordpress.org/changeset/3046092/budd...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 7, 2024
Vulnerability Reserved
Feb 1, 2024

Credit

Lucio Sá