Arbitrary File Deletion Vulnerability in Funnelforms Free Plugin for WordPress
CVE-2024-6312

6.5MEDIUM

Key Information:

Vendor
Wordpress
Status
Interactive Contact Form And Multi Step Form Builder With Drag & Drop Editor – Funnelforms Free
Vendor
CVE Published:
28 August 2024

Summary

The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.7.3.2 via the 'af2DeleteFontFile' function. This is due to the plugin not properly validating a file or its path prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.

Affected Version(s)

Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free * <= 3.7.3.2

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://plugins.trac.wordpress.org/browser/funnelforms-fr...
https://plugins.trac.wordpress.org/browser/funnelforms-fr...

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

István Márton
.