Arbitrary File Deletion Vulnerability in SurveyJS Drag & Drop WordPress Form Builder
CVE-2024-12544
Key Information:
- Vendor: WordPress
- CVE Published: 1 March 2025
What is CVE-2024-12544?
The SurveyJS Drag & Drop WordPress Form Builder plugin is affected by a vulnerability that allows authenticated users with Subscriber-level access or higher to delete arbitrary files on the server. The root cause is a missing capability check in the callback function of the SurveyJS_DeleteFile class, so any logged-in user can reach the file-deletion action; the flaw is present in all versions up to and including 1.12.17. Because the target path is attacker-controlled, deleting a critical file such as wp-config.php can be leveraged toward remote code execution and full site takeover. Separately, as of version 1.12.20 the plugin still lacks Cross-Site Request Forgery (CSRF) protection on this action, so an attacker can also trigger it by luring a logged-in privileged user to a crafted page.
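The following is an added illustration for this advisory, not the plugin's own code: a minimal WordPress AJAX file-deletion handler in the vulnerable shape the advisory describes (no capability check, no nonce, request-controlled path), followed by a hardened version. The class names, the `example_delete_file` action, the `file` and `nonce` request parameters, the `manage_options` capability and the `example-forms` upload subfolder are all assumptions chosen for the example.

```php
<?php
/**
 * Illustrative WordPress AJAX file-deletion handler written for this advisory.
 * It is NOT the SurveyJS plugin's code; class, action, parameter and folder
 * names below are assumptions used to show the pattern being discussed.
 */

// --- Vulnerable pattern: wp_ajax_* hooks fire for every logged-in user
// --- (Subscribers included), and the path is taken straight from the request,
// --- so a value such as ../wp-config.php is accepted and deleted.
class Example_DeleteFile_Vulnerable {
    public function __construct() {
        add_action( 'wp_ajax_example_delete_file', array( $this, 'callback' ) );
    }

    public function callback() {
        $file = isset( $_POST['file'] ) ? $_POST['file'] : '';
        $path = WP_CONTENT_DIR . '/' . $file; // no capability check, no nonce, no path validation
        if ( file_exists( $path ) ) {
            unlink( $path );
        }
        wp_send_json_success();
    }
}

// --- Hardened pattern: nonce (CSRF), capability (authorization), and a
// --- canonicalised path that must stay inside one upload subfolder.
class Example_DeleteFile_Hardened {
    const NONCE_ACTION = 'example_delete_file'; // assumed nonce action name
    const CAPABILITY   = 'manage_options';      // assumed: administrators only

    public function __construct() {
        add_action( 'wp_ajax_example_delete_file', array( $this, 'callback' ) );
    }

    /**
     * Returns the canonical path when $file resolves to a regular file inside
     * $base_dir, otherwise null. realpath() collapses ../ and follows symlinks,
     * so the prefix comparison is done on the resolved path, not the raw input.
     */
    public static function resolve_inside( $base_dir, $file ) {
        $base = realpath( $base_dir );
        $real = realpath( $base_dir . '/' . $file );
        if ( false === $base || false === $real ) {
            return null; // base missing, or target does not exist
        }
        $base = rtrim( $base, DIRECTORY_SEPARATOR ) . DIRECTORY_SEPARATOR;
        if ( 0 !== strncmp( $real, $base, strlen( $base ) ) ) {
            return null; // traversal or symlink escaped the base directory
        }
        return is_file( $real ) ? $real : null;
    }

    public function callback() {
        // 1. CSRF: the request must carry a nonce issued to this user for this action.
        check_ajax_referer( self::NONCE_ACTION, 'nonce' );

        // 2. Authorization: the check that is missing in CVE-2024-12544.
        if ( ! current_user_can( self::CAPABILITY ) ) {
            wp_send_json_error( 'forbidden', 403 );
        }

        // 3. Path confinement: only files inside the assumed upload subfolder.
        $uploads = wp_upload_dir();
        $base    = trailingslashit( $uploads['basedir'] ) . 'example-forms';
        $file    = sanitize_text_field( wp_unslash( $_POST['file'] ?? '' ) );
        $target  = self::resolve_inside( $base, $file );
        if ( null === $target ) {
            wp_send_json_error( 'invalid file', 400 );
        }

        wp_delete_file( $target );
        wp_send_json_success();
    }
}
```

The three checks address three different things: `check_ajax_referer()` stops cross-site requests (the CSRF issue the advisory says persists in 1.12.20), `current_user_can()` stops low-privilege accounts (the missing capability check behind CVE-2024-12544), and `resolve_inside()` stops a privileged-but-malicious or tricked caller from reaching files such as wp-config.php. Leaving out any one of them leaves the other two exploitable in the corresponding scenario.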
Affected Version(s)
SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity: <= 1.12.17