CVE-2015-9499 Scanner

Detects arbitrary file upload vulnerability in ShowBiz Pro plugin for WordPress (CVE-2015-9499)

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

8 days 4 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

The ShowBiz Pro plugin for WordPress, developed by ThemePunch, contains a critical vulnerability in versions ≤ 1.7.1 that allows attackers to upload arbitrary PHP files and gain remote code execution capabilities on the server.

This vulnerability, tracked as CVE-2015-9499, occurs due to improper validation and lack of authorization checks in the `admin-ajax.php` endpoint. An attacker can exploit the `update_plugin` action by sending a specially crafted ZIP file containing a PHP payload. The file gets extracted and becomes accessible via the plugin’s temporary folder: `/wp-content/plugins/showbizpro/temp/update_extract/`.

This results in full compromise of the WordPress site, allowing attackers to execute arbitrary PHP code remotely and potentially pivot further into the system or escalate privileges.

REFERENCES

Get started to protecting your digital assets