CVE-2023-5822 : The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is

The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. This can be exploited if a user authorized to edit form, which means editor privileges or above, has added a 'multiple file upload' form field with '*' acceptable file types.

Published 2023-11-22 16:15:15

Updated 2023-11-29 19:15:14

Source Wordfence

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2023-5822

Codedropz » Drag And Drop Multiple File Upload - Contact Form 7 » For Wordpress
Versions up to, including, (<=) 1.3.7.3
cpe:2.3:a:codedropz:drag_and_drop_multiple_file_upload_-_contact_form_7:*:*:*:*:*:wordpress:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-5822

EPSS FAQ

4.40%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 88 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-5822

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.1	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	Wordfence
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-5822

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2023-5822

https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.7.2/inc/dnd-upload-cf7.php#L828

429 Too Many Requests
Product
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2987252%40drag-and-drop-multiple-file-upload-contact-form-7%2Ftrunk&old=2968538%40drag-and-drop-multiple-file-upload-contact-form-7%2Ftrunk&sfp_email=&sfph_mail=

Diff [2968538:2987252] for drag-and-drop-multiple-file-upload-contact-form-7/trunk – WordPress Plugin Repository
Patch
https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.7.2/inc/dnd-upload-cf7.php#L855

dnd-upload-cf7.php in drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.7.2/inc – WordPress Plugin Repository
Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/1b3be300-5b7f-4844-8637-1bb8c939ed4c?source=cve

Drag and Drop Multiple File Upload - Contact Form 7 <= 1.3.7.3 - Unauthenticated Arbitrary File Upload
Patch;Third Party Advisory
https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.7.2/inc/dnd-upload-cf7.php#L904

dnd-upload-cf7.php in drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.7.2/inc – WordPress Plugin Repository
Product

Jump to

Vulnerability Details : CVE-2023-5822

Products affected by CVE-2023-5822

Exploit prediction scoring system (EPSS) score for CVE-2023-5822

CVSS scores for CVE-2023-5822

CWE ids for CVE-2023-5822

References for CVE-2023-5822