Description

WordPress Plugin Enable Media Replace is prone to an SQL injection vulnerability and an arbitrary file upload vulnerability because it fails to sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Enable Media Replace version 2.3 is vulnerable; other versions may also be affected.

Remediation

Update to plugin version 2.4 or latest

References

http://www.securityfocus.com/bid/46286/exploit

http://www.exploit-db.com/exploits/16144/

http://secunia.com/advisories/43256

https://wordpress.org/plugins/enable-media-replace/changelog/

Related Vulnerabilities

WordPress Plugin WP Editor Cross-Site Scripting (1.2.6.2)

WordPress Plugin Retain Live Chat Cross-Site Scripting (0.1)

WordPress Plugin Cryptocurrency Widgets Pack SQL Injection (1.8.1)

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14723)

ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665)

Severity

High

Classification

CWE-89 CWE-434 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update SQL Injection Unauthenticated File Upload