CVE-2023-4634
CVSS Score
V3.1EPSS Score
v2023.03.01There is a 44.6% chance that this vulnerability will be exploited in the wild within the next 30 days.
Attack Vector Metrics
Impact Metrics
Description
The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the ~/includes/mla-stream-image.php file, where images are processed via Imagick(). This makes it possible for unauthenticated attackers to supply files via FTP that will make directory lists, local file inclusion, and remote code execution possible.
Available Exploits
Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion
A vulnerability in the Wordpress Media-Library-Assistant plugins in version < 3.09 is vulnerable to a local file inclusion which leading to RCE on default Imagegick installation/configuration.
References:
- https://patrowl.io/blog-wordpress-media-library-rce-cve-2023-4634/
- https://fr.wordpress.org/plugins/media-library-assistant/advanced/
- https://cve.report/CVE-2023-4634
- https://packetstormsecurity.com/files/174508/wpmla309-lfiexec.tgz
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2955933%40media-library-assistant&new=2955933%40media-library-assistant&sfp_email=&sfph_mail=#file4
Related News
Affected Products
Affected Versions:
WordPress Vulnerability
Identified and analyzed by Wordfence
Software Type
Patch Status
Published
Software Details
Software Name
Media Library Assistant
Software Slug
media-library-assistant
Affected Versions
Patched Versions
Remediation
Update to version 3.10, or a newer patched version
© Defiant Inc. Data provided by Wordfence.