Sigeplay online casino register philippines.Enjoy Free 888+200 Daily Legal Bonus

Resolved kgagne
(@kgagne)

4 years, 2 months ago

iThemes Security’s daily scan just reported this plugin to me as having a “Authenticated Path Traversal to Arbitrary File Access” vulnerability. The report links to this story from August 11:

https://medium.com/@hoanhp/0-day-story-3-add-from-server-b06244c1ea6b

How severe is this issue? And is there (or will there be) a patch or update to address it?

Viewing 4 replies - 1 through 4 (of 4 total)

Plugin Author Dion Hulse
(@dd32)

Meta Developer

4 years, 2 months ago
Hi,

This plugin is intentional in how it works – it allows accessing any file on the server by design.
It should not be used by untrusted users on a site.

The security report is nothing more than missing the fact there’s a link on the page that goes to that exact place (so no URL modifications required).

If it’s being used on a server with untrusted users, there’s an option in the plugin settings to lock it to a specific Root Directory which will prevent untrusted users being able to access all server files (Untrusted users being non-administrators, administrators can install plugins/edit plugins/etc and as such are trusted users that can access things like that).

This plugin should really not be used today, there’s almost zero reason to use it, use the browser upload tools or contact your webhost to fix it so that the uploader works for you. 13 years ago when this plugin was written there was a real need, today not so much.

tl;dr: There’s no security issue here, it’s working exactly how it’s intended to, but you probably shouldn’t be using it.
- This reply was modified 4 years, 2 months ago by Dion Hulse.
Thread Starter kgagne
(@kgagne)

4 years, 2 months ago

Thanks for the explanation —?I appreciate it!

psamathe
(@psamathe)

4 years, 2 months ago

This plugin should really not be used today, there’s almost zero reason to use it, use the browser upload tools or contact your webhost to fix it so that the uploader works for you. 13 years ago when this plugin was written there was a real need, today not so much.

I have found it useful on quite a few occasions travelling South America and SE Asia – where Wi-Fi/Internet is “poor” then put in quite a few guests trying to use it and uploads become difficult. Maybe more to do with the clients than WordPress but I’ve found under those circumstances FTP a more reliable (less likely to fail) mans to upload images.

So useful and appreciated.

blakmk
(@blakmk)

4 years, 1 month ago

to restrict access of this plugin to a specific directory, do we just set the

“frmsvr_root” option on options.php ?

You mention that there is no reason but I really like it. It prevents malicious files being uploaded to the server through the UI

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Path traversal lead to arbitrary file reading’ is closed to new replies.