CVE-2023-6925

EPSS 3%
Veröffentlicht 05.02.2024 22:15:57
Zuletzt bearbeitet 15.05.2025 20:15:29
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

Unlimited Addons for WPBakery Page Builder <= 1.0.42 - Authenticated (Editor+) Arbitrary File Upload

The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importZipFile' function in versions up to, and including, 1.0.42. This makes it possible for authenticated attackers with a role that the administrator previously granted access to the plugin (the default is editor role, but access can also be granted to contributor role), to upload arbitrary files on the affected site's server which may make remote code execution possible.

Mögliche Gegenmaßnahme

Unlimited Addons for WPBakery Page Builder: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt Unlimited Addons for WPBakery Page Builder

Version * - 1.0.42

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Unitecms ≫ Unlimited Addons For Wpbakery Page Builder SwPlatformwordpress Version <= 1.0.42

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3%	0.861

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
security@wordfence.com	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://plugins.trac.wordpress.org/browser/unlimited-addons-for-wpbakery-page-builder/trunk/inc_php/layouts/unitecreator_layouts_exporter.class.php?rev=2900676#L703

Issue Tracking

https://www.wordfence.com/threat-intel/vulnerabilities/id/a78b76d6-4068-4141-9726-7db439aa6a9f?source=cve

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/a78b76d6-4068-4141-9726-7db439aa6a9f

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-6925

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-6925

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-6925

EUVD