File Manager <= 5.0.0 - Information Disclosure

Sign up to our free email alerts service for instant vulnerability notifications!

Description
The Giribaz File Manager plugin logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. If user edits wp-config.php file using this plugin, the wp-config.php contents get added to the file which is not protected and contains database credentials, salts, etc. These files have been indexed by Google and an simple dork will find affected sites. 
Proof of Concept
http://[target]/wp-content/uploads/file-manager/log.txt

Affects Plugin

fixed in version 5.0.2

References

CVE 2018-7204
URL http://www.giribaz.com/
URL https://plugins.trac.wordpress.org/changeset/1823035/file-manager

Classification

Type FPD
OWASP Top 10 A6: Sensitive Data Exposure
CWE CWE-200

Miscellaneous

Submitter Colette Chamberland
Submitter Website https://www.defiant.com
Submitter Twitter @cjchamberland
Views 360
Verified No
WPVDB ID 9036

Timeline

Publicly Published 2018-03-02 (3 months ago)
Added 2018-03-02 (3 months ago)
Last Updated 2018-03-02 (3 months ago)

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.