We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-12300

AR for WordPress <= 7.3 - Missing Authorization to Unauthenticated Limited File Upload



Description

The AR for WordPress plugin for WordPress is vulnerable to unauthorized double extension file upload due to a missing capability check on the set_ar_featured_image() function in all versions up to, and including, 7.3. This makes it possible for unauthenticated attackers to upload php files leveraging a double extension attack. It's important to note the file is deleted immediately and double extension attacks only work on select servers making this unlikely to be successfully exploited.

Reserved 2024-12-06 | Published 2024-12-13 | Updated 2024-12-13 | Assigner Wordfence


LOW: 3.7CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Problem types

CWE-862 Missing Authorization

Product status

Default status
unaffected

*
affected

Timeline

2024-12-12:Disclosed

Credits

cc finder

References

www.wordfence.com/...-49f7-4a1d-900b-c7bef40aec96?source=cve

plugins.trac.wordpress.org/...s/ar-add-media.php?rev=3177638

plugins.trac.wordpress.org/...%2Ftrunk&sfp_email=&sfph_mail=

cve.org (CVE-2024-12300)

nvd.nist.gov (CVE-2024-12300)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-12300

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.