CVE-2023-6825 (CVSS 9.9): Over a WordPress Million Sites Exposed by File Manager Flaw

A severe security flaw (CVE-2023-6825) has been uncovered in the popular File Manager and File Manager Pro WordPress plugins. With over a million active installs, this vulnerability has the potential to cause widespread damage if left unpatched.

What’s the Risk?

Dubbed CVE-2023-6825 and scoring a 9.9 on the CVSS scale, this vulnerability exposes the underbelly of both the File Manager and File Manager Pro plugins. Specifically, it affects versions up to and including 7.2.1 for the free version and 8.3.4 for the Pro version. The flaw resides in the mk_file_folder_manager_action_callback_shortcode function, where the target parameter becomes the root cause of this flaw, allowing attackers to traverse the directory tree.

The vulnerability, known as a Directory Traversal attack, allows malicious actors to break out of intended file locations and do the following:

• Read Sensitive Files: Attackers could snoop on your WordPress installation, potentially exposing your website’s secrets, login credentials, or customer data.
• Plant Malicious Code: Attackers could upload files to any directory on your server, opening the possibility of further attacks and website defacement.

Who’s Most Vulnerable?

• File Manager (Free): Administrators beware! The free version requires admin access to be exploited, but this represents a severe risk for those using it.
• File Manager Pro: Things get more serious with the Pro version. Since it allows shortcode embedding and the ability to grant file management to lower-level users, the attack surface expands considerably.

Why the Urgency?

Unpatched WordPress plugins are like open invitations for hackers. While there’s no evidence of this specific vulnerability being actively exploited yet, it’s only a matter of time.

The Patch: Closing the Flaw

Luckily, the developers of File Manager have been proactive. Patches are available in these versions:

• Free Version: 7.2.2 and later
• Pro Version: 8.3.5 and later

Call to Action

If you use either the File Manager or File Manager Pro plugins, it’s crucial to update immediately! Don’t give hackers a foothold into your WordPress website. Here’s what to do:

1. Update, Update, Update! Visit your WordPress dashboard, go to the plugins section, and update both File Manager and File Manager Pro (if installed) to the latest versions.
2. Stay Informed: Subscribe to WordPress security alerts and plugin update notifications to avoid future surprises.