Cyber Posture

CVE-2024-12848

Severity: High
Published: 09 January 2025
Modified: 15 April 2026
KEV Added: (no date listed)
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0608 (90.8th percentile)
Risk Priority: 21 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

The SKT Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the 'addLibraryByArchive' function in all versions up to, and including, 4.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files that make remote code execution possible.

Security Summary

CVE-2024-12848 is an arbitrary file upload vulnerability in the SKT Page Builder plugin for WordPress, stemming from a missing capability check in the 'addLibraryByArchive' function. This issue affects all versions up to and including 4.6. The vulnerability is rated with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-862 (Missing Authorization).

Authenticated attackers with subscriber-level access or higher can exploit this vulnerability over the network with low complexity and no user interaction required. By abusing the 'addLibraryByArchive' function, they can upload arbitrary files, enabling remote code execution on the targeted WordPress site.

Wordfence published a threat intelligence advisory detailing the vulnerability (https://www.wordfence.com/threat-intel/vulnerabilities/id/89e3cef3-c1aa-4df7-a9f9-1ca5837643e1?source=cve). Patches addressing the issue appear in the plugin's WordPress trac repository, including changesets at https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3213786%40skt-builder&new=3213786%40skt-builder&sfp_email=&sfph_mail= and https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3218995%40skt-builder&new=3218995%40skt-builder&sfp_email=&sfph_mail=, with the vulnerable code visible at https://plugins.trac.wordpress.org/browser/skt-builder/trunk/sktbuilder.php#L960. Site operators should update to a release later than 4.6. Because only subscriber-level access is required, any site that allows open user registration should treat this endpoint as effectively reachable by unauthenticated attackers until the update is applied; where updating is not immediately possible, disabling self-registration or deactivating the plugin removes the attack path, and the uploads directory should be reviewed for recently added PHP files.
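The following is an added illustrative example, not code from the SKT Page Builder plugin or from the changesets linked above. It reconstructs the class of bug the description reports (an archive-import AJAX handler with no capability check) beside a hardened form. The handler names, nonce action, upload subdirectory and extension allow-list are assumptions chosen for the demonstration; the WordPress functions used (add_action, check_ajax_referer, current_user_can, wp_upload_dir, wp_mkdir_p, wp_send_json_error) are standard WordPress APIs.

```php
<?php
// Added example, not the plugin's own code. Names prefixed skt_example_ are
// assumed for illustration and do not correspond to the real plugin.

// --- Vulnerable pattern -------------------------------------------------
// wp_ajax_* actions fire for every logged-in user regardless of role, so a
// callback that never asks "may this user do this?" is reachable by a
// subscriber. That is the missing authorization (CWE-862) in the advisory.
add_action( 'wp_ajax_skt_example_import_archive_vuln', 'skt_example_import_archive_vuln' );
function skt_example_import_archive_vuln() {
    $zip = new ZipArchive();
    if ( $zip->open( $_FILES['archive']['tmp_name'] ) === true ) {
        // Extracts every entry, PHP files included, into a web-reachable
        // directory: an arbitrary upload that becomes remote code execution.
        $zip->extractTo( WP_CONTENT_DIR . '/uploads/skt-library/' );
        $zip->close();
    }
    wp_send_json_success();
}

// --- Hardened pattern ---------------------------------------------------
add_action( 'wp_ajax_skt_example_import_archive', 'skt_example_import_archive' );
function skt_example_import_archive() {
    // 1. CSRF: the request must carry a nonce minted for this action.
    check_ajax_referer( 'skt_example_import_archive', 'nonce' );

    // 2. Authorization: the check the vulnerable handler lacks. Importing
    //    library content is an administrative action, so require manage_options
    //    rather than merely being logged in. wp_send_json_error() calls wp_die(),
    //    so nothing below runs on failure.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    if ( empty( $_FILES['archive']['tmp_name'] ) || ! is_uploaded_file( $_FILES['archive']['tmp_name'] ) ) {
        wp_send_json_error( 'no upload', 400 );
    }

    $zip = new ZipArchive();
    if ( $zip->open( $_FILES['archive']['tmp_name'] ) !== true ) {
        wp_send_json_error( 'not a zip archive', 400 );
    }

    // 3. Validate every entry before extracting anything: block path escapes
    //    (zip slip) and anything outside a data/image allow-list, so neither
    //    .php nor .htaccess can land under the web root. Assumed allow-list.
    $allowed = array( 'json', 'png', 'jpg', 'jpeg', 'gif', 'css' );
    $bad     = skt_example_find_bad_entry( $zip, $allowed );
    if ( $bad !== null ) {
        $zip->close();
        wp_send_json_error( 'rejected archive entry: ' . $bad, 400 );
    }

    $dest = trailingslashit( wp_upload_dir()['basedir'] ) . 'skt-library/';
    wp_mkdir_p( $dest );
    $zip->extractTo( $dest );
    $zip->close();
    wp_send_json_success();
}

// Returns the first unacceptable entry name, or null if the archive is clean.
function skt_example_find_bad_entry( ZipArchive $zip, array $allowed ) {
    for ( $i = 0; $i < $zip->numFiles; $i++ ) {
        $name = $zip->getNameIndex( $i );
        if ( substr( $name, -1 ) === '/' ) {
            continue; // directory entry, nothing is written for it
        }
        // Reject traversal, absolute paths and NUL bytes in the entry name.
        if ( strpos( $name, '..' ) !== false || $name[0] === '/' || strpos( $name, "\0" ) !== false ) {
            return $name;
        }
        $ext = strtolower( pathinfo( $name, PATHINFO_EXTENSION ) );
        if ( ! in_array( $ext, $allowed, true ) ) {
            return $name;
        }
    }
    return null;
}
```

Two caveats on the hardened form. The capability check is the fix for the reported class of bug; the nonce and content validation are defence in depth, not substitutes for it. An extension allow-list also does not protect an Apache host whose handler configuration executes double-extension names such as `x.php.json`, so the uploads tree should additionally have PHP execution disabled at the web-server level.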

Details

CWE(s): CWE-862 (Missing Authorization)

References