• Resolved jmar

    (@jmar1)


    This file manager uses “elFinder” as its core component for file management.

    /wp-file-manager/lib/js/elfinder.min.js

    Version 2.1.49 (2019-04-14)

    At “www.cvedetails.com” search “elFinder”

    At “github.com” search “Studio-42/elFinder”

    CVE-2023-35840
    _joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector. In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload.

    CVE-2022-27115
    In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload.

    CVE-2022-26960
    connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.

    CVE-2021-43421
    A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.

    CVE-2021-23394
    The package studio-42/elfinder before 2.1.58 is vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.
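
An added example, not part of the original post and not the plugin's or elFinder's code: a Python check that reads the `Version x.y.z` banner from any bundled `elfinder.min.js` and lists which of the CVE ranges quoted above contain it. It assumes the banner has the form quoted in the post and sits near the top of the file; the function names and the sample banner are constructed for illustration.

```python
import re
from pathlib import Path

# Affected ranges transcribed from the CVE text quoted in the post:
# (CVE id, lowest affected version or None, upper bound, upper bound inclusive?)
ADVISORIES = [
    ("CVE-2023-35840", None, (2, 1, 62), False),        # "before 2.1.62"
    ("CVE-2022-27115", (2, 1, 60), (2, 1, 60), True),   # "In ... 2.1.60"
    ("CVE-2022-26960", None, (2, 1, 60), True),         # "through 2.1.60"
    ("CVE-2021-43421", (2, 0, 4), (2, 1, 59), True),    # "2.0.4 to 2.1.59"
    ("CVE-2021-23394", None, (2, 1, 58), False),        # "before 2.1.58"
]

# Constructed sample: a comment header wrapped around the version line from the post.
SAMPLE_BANNER = "/*!\n * Version 2.1.49 (2019-04-14)\n */"

BANNER_RE = re.compile(r"Version\s+(\d+)\.(\d+)\.(\d+)\b")

def banner_version(text):
    """Return (major, minor, patch) from the first 'Version x.y.z' banner, or None."""
    match = BANNER_RE.search(text[:4096])  # assumption: banner is near the top
    return tuple(int(part) for part in match.groups()) if match else None

def matching_cves(version):
    """List the CVEs from the post whose quoted range contains this version."""
    hits = []
    for cve, low, high, inclusive in ADVISORIES:
        if low is not None and version < low:
            continue
        if version < high or (inclusive and version == high):
            hits.append(cve)
    return hits

def scan_plugins(plugins_dir):
    """Map every bundled elfinder.min.js under plugins_dir to (version, CVE list)."""
    root, report = Path(plugins_dir), {}
    for js in sorted(root.rglob("elfinder.min.js")):
        version = banner_version(js.read_text(encoding="utf-8", errors="replace"))
        # An unreadable banner is reported as unknown, never treated as clean.
        cves = matching_cves(version) if version else ["version unknown"]
        report[js.relative_to(root).as_posix()] = (version, cves)
    return report

if __name__ == "__main__":
    import sys
    for path, (ver, cves) in scan_plugins(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(path, ".".join(map(str, ver)) if ver else "?", ", ".join(cves) or "no match")
```

A banner match only says the bundled copy falls inside a range quoted above; a plugin can patch its copy without changing the banner, so confirm against the plugin's changelog.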

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Moderator note: This is not a review; it’s a support request and has been moved to that section of this plugin’s area.

    Hi @jmar1,

    Thanks for bringing this to our attention. We really appreciate your effort and vigilance.

    After conducting a thorough investigation and identifying the security issues you mentioned in your message, we are pleased to announce that these vulnerabilities have been addressed, and we will be releasing a full update tomorrow to ensure that these concerns are fully resolved.

    We want to assure you that the security and integrity of your data is of utmost importance to us, and we take these matters extremely seriously. An update with these security fixes will be released tomorrow.

    If you have any further questions or concerns, please do not hesitate to contact our support team.
    Thank you again for your hard work in reporting these vulnerabilities.

    Regards
    WP File Manager Support Team


The topic ‘SECURITY VULNERABILITY!’ is closed to new replies.