Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.3.
The WPLMS plugin does not properly verify the type or content of uploaded files (CWE-434: Unrestricted Upload of File with Dangerous Type). An attacker with only a subscriber account can upload a file containing executable code (e.g., a PHP file acting as a Web Shell) to the web server. After successful upload, the file can be executed by accessing it through a browser or HTTP request, giving the attacker remote access to the server.
An attacker can gain full control over the web server through arbitrary code execution (RCE), resulting in loss of confidentiality, integrity, and availability of all data and resources of the hosted system.
The WPLMS plugin must be updated immediately to version 1.9.9.5.3 or later. Detailed information regarding the patch is available in the vendor's references and the Patchstack database.
WPLMS plugin (wplms_plugin) for WordPress in versions from unknown earlier versions to below 1.9.9.5.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HVibethemes WordPress Learning Management System
APPVibethemes< 1.9.9.5.3
Related vulnerabilities
Path Traversal w WPLMS — nieautoryzowane usuwanie katalogów
SQL Injection w pluginie WPLMS dla WordPress (VibeThemes)
WPLMS Plugin – nieuwierzytelniona eskalacja uprawnień (privilege escalation)
Authentication Bypass w pluginie WPLMS dla WordPress (do wersji 1.9.9)
Niekontrolowane przesyłanie plików w pluginie WPLMS — upload Web Shell