CVE-2024-12853
Published: 08 January 2025
Description
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 2.11.10. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Security Summary
CVE-2024-12853 affects the Modula Image Gallery plugin for WordPress in all versions up to and including 2.11.10. The vulnerability stems from missing file type validation in the zip upload functionality, enabling arbitrary file uploads. It has been assigned a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-434 (Unrestricted Upload of File with Dangerous Type).
Authenticated attackers with Author-level access or higher can exploit this issue over the network with low complexity and no user interaction required. By uploading malicious zip files containing arbitrary content, such as web shells, they can place files on the affected site's server, potentially leading to remote code execution.
Advisories from Wordfence and the WordPress plugin repository, including a specific changeset in the Modula Best Grid Gallery Trac, detail the vulnerability and provide patch information for remediation. Security practitioners should ensure affected sites update to a patched version of the plugin beyond 2.11.10.
Details
- CWE(s)