To exploit this vulnerability, an attacker would have to host a malicious configuration file on a publicly accessible server, such as a web server on a project's hosting provider's network. An attacker would then have to submit a malicious form via the WordPress plugin's backend. WordPress versions 3.6.2 and earlier are vulnerable.
A hacker could exploit this vulnerability by sending a request to a host on the same network as the WordPress website. The hacker would have to host a configuration file on a public server, such as on a project's hosting provider's network. An attacker would then have to submit a malicious form via the WordPress plugin's backend. WordPress versions 3.7.0 and earlier are vulnerable. A hacker could exploit this vulnerability by sending a request to a host on the same network as the WordPress website. The hacker would have to host a configuration file on a public server, such as on a project's hosting provider's network.
Mitigation
The WordPress Security Team has released a patch to correct this vulnerability.
What can be done to prevent exploitation?
An attacker would not be able to exploit this vulnerability if the WordPress website is behind a firewall or if the WordPress website is using HTTP authentication.
If the WordPress website is not behind a firewall or using HTTP authentication, an attacker would have to send a request to the PHP server on a host on the same network as the WordPress website.
What's vulnerable?
WordPress versions 3.6.2 and earlier are vulnerable to this vulnerability.
Timeline
Published on: 05/16/2022 15:15:00 UTC
Last modified on: 05/24/2022 19:00:00 UTC