CVE-2015-9499 Scanner
CVE-2015-9499 Scanner - Arbitrary File Upload vulnerability in WordPress ShowBiz Pro
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
11 days 3 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
The WordPress ShowBiz Pro plugin is a widely used extension for WordPress websites that enables users to create robust slider presentations. Many web developers and content creators utilize this plugin to enhance the visual appeal of their websites by adding dynamic content. ShowBiz Pro is valued in the WordPress community for its ease of use and functionality, offering a range of customizable features to enhance user engagement. Often deployed on various websites from personal blogs to enterprise-level sites, it is integral for businesses looking to bolster their online presence visually. However, like many plugins that handle file uploads, ShowBiz Pro can be vulnerable to malicious exploitation if not regularly updated and maintained. Its role in website aesthetics makes its security crucial to protect against unauthorized content manipulation.
Arbitrary File Upload vulnerability allows an attacker to upload malicious files to the web server without proper security validation. In the context of WordPress ShowBiz Pro, this vulnerability is particularly severe because it enables unauthorized users to execute arbitrary PHP code on the server. The vulnerability exists within version 1.7.1 and earlier, which inadequately restricts file upload permissions, leading to potential remote code execution (RCE). This risk poses a significant threat to any website relying on the vulnerable plugin. Proper understanding and mitigation are essential to prevent unauthorized server manipulation and data breaches.
This vulnerability is exploited through the 'admin-ajax.php' endpoint in the WordPress ShowBiz Pro plugin, which allows file uploads without proper access controls. Attackers can craft a request to this endpoint, upload a malicious PHP file within a zip archive, and then execute it. The vulnerable parameters include 'action', 'client_action', and 'update_file'. Once uploaded, the file can be accessed remotely via a GET request, leading to possible execution of hostile code within the WordPress environment. Additionally, the exploitation process bypasses traditional authentication mechanisms, resulting in remote access and control over server functionalities.
Exploitation of the Arbitrary File Upload vulnerability in WordPress ShowBiz Pro can lead to severe consequences, including full server compromise. Malicious actors could upload backdoors, deface websites, or steal sensitive information such as user data and database credentials. In the worst-case scenario, attackers could gain administrative control over the WordPress installation, thereby manipulating or destroying critical data. Websites running vulnerable versions could also be used to distribute malware or as part of a botnet, causing reputational damage to the affected domain. Immediate corrective measures are necessary to protect data integrity and confidentiality.