Arbitrary File Upload in WP Plugin User Submitted Posts (ver<=20190426)

Updated on: March 29, 2020

Article Summary

A fresh vulnerability disclosure in the series of WordPress plugin issues has come to notice. The WordPress plugin User Submitted Posts lets users upload posts and images from its front-end feature. The plugin currently has more than 30,000 installations and was quite popular at the time a serious arbitrary file upload vulnerability was found in it. Learn more about the details of the User Submitted Posts exploit in this article.


[Image: User Submitted Posts plugin in the WordPress Plugin Directory]

Technical Details: User Submitted Posts Exploit

Versions prior to and including 20190426 are vulnerable to arbitrary file upload. On an Apache server running PHP through FastCGI, any unauthenticated user can upload and execute a PHP script through the plugin's 'image upload' feature, which was supposed to accept image files only. The plugin's validation could be tricked when a non-blacklisted extension was combined with a whitelisted one: a .php extension disguised behind a .jpg or .gif extension was neither sanitized nor rejected. For example, a file named script.php.gif passes the security check because the .php extension is hidden behind the image extension, and the server eventually executes it. This could let a malicious file reach your databases or compromise sensitive information on your website.
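The following is an added example, not the plugin's own code, contrasting the kind of final-extension-only check that the paragraph describes with a stricter check that rejects multi-extension names and verifies the uploaded bytes are really an image. The function names, the allowed-extension list and the sample filenames are assumptions made for the illustration.

```php
<?php
// Added example (not the User Submitted Posts plugin's code): compare a
// final-extension-only check with one that rejects names like
// "script.php.gif" and then confirms the file content is an image.
declare(strict_types=1);

// Assumed whitelist for the illustration.
const ALLOWED_IMAGE_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif'];

/**
 * Weak check: only the text after the LAST dot is examined, so
 * "script.php.gif" passes because it ends in "gif".
 */
function weak_extension_check(string $filename): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return in_array($ext, ALLOWED_IMAGE_EXTENSIONS, true);
}

/**
 * Strict name check: exactly one dot-separated extension, a non-empty
 * base name, and the extension must be on the whitelist. This rejects
 * "a.php.gif", "image.gif.php", ".gif" and "noext" alike.
 */
function strict_filename_check(string $filename): bool
{
    $parts = explode('.', basename($filename));
    if (count($parts) !== 2 || $parts[0] === '') {
        return false;
    }
    return in_array(strtolower($parts[1]), ALLOWED_IMAGE_EXTENSIONS, true);
}

/**
 * Content check: the bytes must parse as an image and the detected type
 * must agree with the claimed extension. getimagesize() is part of the
 * PHP core and does not require the GD extension.
 */
function content_matches_extension(string $path, string $filename): bool
{
    $info = @getimagesize($path);
    if ($info === false) {
        return false;
    }
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    $expected = [
        IMAGETYPE_JPEG => ['jpg', 'jpeg'],
        IMAGETYPE_PNG  => ['png'],
        IMAGETYPE_GIF  => ['gif'],
    ];
    return isset($expected[$info[2]]) && in_array($ext, $expected[$info[2]], true);
}

/**
 * Store the upload under a server-generated name so the user-supplied
 * name never reaches the filesystem at all.
 */
function safe_target_name(string $filename): string
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Demonstration on constructed filenames (no real upload is performed).
foreach (['photo.jpg', 'script.php.gif', 'shell.php', 'image.gif.php'] as $name) {
    printf("%-16s weak=%s strict=%s\n", $name,
        weak_extension_check($name) ? 'pass' : 'reject',
        strict_filename_check($name) ? 'pass' : 'reject');
}
```

Run with `php example.php`: the weak check accepts both `photo.jpg` and `script.php.gif`, while the strict check accepts only `photo.jpg`. In a real handler the three layers belong together: reject the name, then reject content that is not the image it claims to be, then write the file under a generated name rather than the one the client chose, so that a handler matching `.php` anywhere in a filename never sees a user-controlled name.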

Preventive measures: User Submitted Posts Exploit

The vulnerability was fixed in versions succeeding 20190426. Update to the patched version as soon as possible. Since the vulnerability has now been disclosed publicly, continuing to run an older version can prove detrimental. For added assurance, install a web application firewall on your website. Astra Web Security offers a continuous monitoring system as its WAF (Web Application Firewall), which protects your website from arbitrary file upload, SQLi, XSS, CSRF, bad bots, and 100+ other cyber threats.

Aakanchha Keshri

Aakanchha is a technical writer and a cybersecurity enthusiast. She is an avid reader, researcher, and an active contributor to our blog and the cybersecurity genre in general. To date, she has written over 200 blogs for more than 60 domains on topics ranging from technical to promotional. When she is not writing or researching she revels in a game or two of CS: GO.