A vulnerability advisory was issued for a WordPress Contact Form 7 add-on plugin that allows unauthenticated attackers to "easily" achieve remote code execution. The vulnerability is rated high (8.8/10) on the CVSS severity scale.
[Screenshot from the Wordfence advisory showing the 8.8 CVSS severity rating]
Redirection for Contact Form 7 plugin
The vulnerability affects the Redirection for Contact Form 7 WordPress plugin, which is installed on over 300,000 websites. The plugin extends the functionality of the popular Contact Form 7 plugin. It allows a website publisher not only to redirect a user to another page but also to store submitted data in a database, send email notifications, and block spammy form submissions.
The vulnerability arises in a plugin function. WordPress functions are PHP code snippets that provide specific functionality. The specific function that contains the flaw is called delete_associated_files. That function contains an insufficient file path validation flaw, which means it does not validate what a user can pass into the function that deletes files. This flaw allows an attacker to specify the path of a file to be deleted.
Thus, an attacker can specify a path (such as ../../wp-config.php) and delete a critical file like wp-config.php, clearing the way for a remote code execution (RCE) attack. An RCE attack is a type of exploit that enables an attacker to execute malicious code remotely (from anywhere on the Internet) and gain control of the website.
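The validation gap described above, as an added illustration that is not the plugin's own code: a hypothetical delete helper that trusts the submitted file name, beside a hardened version that resolves the path and refuses anything outside the intended directory. The function names, the temporary directory layout and the use of PHP 8 string helpers are assumptions; in a real plugin the base directory would come from wp_upload_dir()['basedir'].

```php
<?php
// Added, constructed illustration: NOT the plugin's actual delete_associated_files code.
// It shows the class of flaw the advisory describes (insufficient file path validation)
// and one way to harden a file-deleting helper so it cannot reach wp-config.php.

// Weak pattern: the submitted value is joined to the base directory and deleted
// without checking where the resolved path actually points.
function delete_upload_unsafe(string $base_dir, string $submitted): bool
{
    $path = rtrim($base_dir, '/') . '/' . $submitted;
    // A value containing "../" segments escapes $base_dir here.
    return file_exists($path) && unlink($path);
}

// Hardened pattern: canonicalise with realpath() and require the result to stay
// inside the intended directory before touching the filesystem.
function delete_upload_safe(string $base_dir, string $submitted): bool
{
    $base = realpath($base_dir);
    if ($base === false) {
        return false;
    }
    // Reject traversal segments, absolute paths and NUL bytes early, and log the attempt.
    if (str_contains($submitted, '..') || str_starts_with($submitted, '/') || str_contains($submitted, "\0")) {
        error_log('delete_upload_safe: rejected suspicious name ' . var_export($submitted, true));
        return false;
    }
    $target = realpath($base . '/' . $submitted);
    // realpath() returns false for missing files and follows symlinks, so a link
    // pointing outside $base is also caught by the prefix check below.
    if ($target === false || strpos($target, $base . DIRECTORY_SEPARATOR) !== 0) {
        error_log('delete_upload_safe: refused path outside base: ' . var_export($submitted, true));
        return false;
    }
    return is_file($target) && unlink($target);
}

// Constructed demonstration against a throwaway directory (no real WordPress files).
$base = sys_get_temp_dir() . '/cf7r-demo-' . getmypid();
mkdir($base . '/uploads', 0700, true);
file_put_contents($base . '/wp-config.php', "<?php // stand-in file, constructed\n");
file_put_contents($base . '/uploads/attachment.txt', 'sample');

var_dump(delete_upload_safe($base . '/uploads', '../wp-config.php')); // traversal is refused
var_dump(file_exists($base . '/wp-config.php'));                      // config file still present
var_dump(delete_upload_safe($base . '/uploads', 'attachment.txt'));   // file inside uploads is removed
```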
The Wordfence advisory explains:
"This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."
The vulnerability affects all versions of the plugin up to and including version 3.2.4. Users of the affected plugin are advised to update the plugin to the latest version.