Arbitrary File Upload Vulnerability in MStore API Plugin
CVE-2024-8242

8.8 HIGH

Key Information:

Vendor
WordPress
CVE Published: 13 September 2024

Summary

The MStore API plugin for WordPress has a vulnerability that permits authenticated users, including those with subscriber-level access, to upload arbitrary files due to insufficient file type validation in the update_user_profile() function. This issue affects all versions up to and including 4.15.3. By exploiting this vulnerability, attackers can place potentially malicious files on the server, which may be used for remote code execution. Additionally, when combined with a registration endpoint open to unauthenticated users, this vulnerability can be leveraged to create more severe security risks.

Affected Version(s)

MStore API – Create Native Android & iOS Apps On The Cloud * <= 4.15.3

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Matthew Rollings