ArForms < 4.0 - Unauthenticated Directory Traversal

Description
"arf_delete_file in arformcontroller.php allows unauthenticated users to delete an arbitrary file by supplying its full pathname"

The vendor contacted the WPScan Team stating that the issue had been resolved in version 4.0.

Affects Plugin

fixed in version 4.0

References

CVE 2019-16902
ExploitDB 47492
PacketStorm 154807
URL https://codecanyon.net/item/arforms-wordpress-form-builder-plugin/6023165

Classification

Type TRAVERSAL
OWASP Top 10 A1: Injection
CWE CWE-22

Miscellaneous

Original Researcher AHMAD ALMORABEA
Views 808
Verified No
WPVDB ID 10037

Timeline

Publicly Published 2019-10-11 (9 months ago)
Added 2020-01-21 (6 months ago)
Last Updated 2020-02-29 (4 months ago)