Relocate Upload
[resolved] Possible 'abspath' vulnerability on version 0.14 (10 posts)

  1. José Luís
    Member
    Posted 2 years ago #

    According to WebsiteDefender, version 0.14 has an abspath vulnerability:
    -------
    The WordPress plugin relocate-upload from your WordPress installation in / is known to be affected by a security vulnerability.

    Vulnerability details
    Title: WordPress Relocate Upload Plugin 'abspath' Parameter Remote File Include Vulnerability
    Version: 0.14
    Description: WordPress Relocate Upload plugin is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks are also possible. Relocate Upload plugin version 0.14 is vulnerable; prior versions may also be affected.
    Solution: Update the WordPress plugin to the latest version or contact the vendor for more information about a fix.
    -------

    Could you please verify it?

    http://wordpress.org/extend/plugins/relocate-upload/

  2. José Luís
    Member
    Posted 2 years ago #

    More info on the matter can be found here: http://1337day.com/exploits/16950

  3. José Luís
    Member
    Posted 2 years ago #

    Even more info on this matter: http://www.securityfocus.com/bid/49693/discuss

    Looking at the vulnerable code, I thought this could be corrected by changing:
         require_once(urldecode($_GET['abspath']).'/wp-load.php')
    to:
         require_once( ABSPATH . 'wp-load.php')

    Am I correct?
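
A defensive companion to the code quoted in the post above, added here as an example (it is not from the thread, the plugin, or its author): a Python check that scans web access logs for requests to the plugin whose `abspath` value is not a plain local absolute path, decoding twice because the quoted line applies `urldecode()` to an already-decoded `$_GET` value. The default `wp-content/plugins` layout is assumed, `PLUGIN-SCRIPT.php` is a placeholder because the thread does not name the file, and the function names and log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, unquote_plus, urlsplit

# Slug and parameter name are from the thread. The wp-content/plugins prefix is
# the WordPress default (assumed); PLUGIN-SCRIPT.php is a placeholder file name.
PLUGIN_DIR = "/wp-content/plugins/relocate-upload/"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
REMOTE_RE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]+:|//|\\\\)", re.I)
ABSOLUTE_RE = re.compile(r"^(?:/|[a-z]:[\\/])", re.I)


def classify_abspath(value):
    """Return why a once-decoded abspath value is suspicious, or None."""
    # PHP hands over $_GET already decoded and the quoted code calls
    # urldecode() again, so a double-encoded value arrives fully decoded.
    decoded = unquote_plus(value)
    if REMOTE_RE.match(decoded):
        return "remote URL or stream wrapper"
    segments = decoded.replace("\\", "/").split("/")
    if ".." in segments or not ABSOLUTE_RE.match(decoded):
        return "relative or traversal path"
    return None


def scan(lines):
    """Return (line_no, reason, decoded_value) for each suspicious request."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        url = urlsplit(m.group(1)) if m else None
        if url is None or PLUGIN_DIR not in unquote(url.path):
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("abspath", []):
            reason = classify_abspath(value)
            if reason:
                hits.append((no, reason, unquote_plus(value)))
    return hits

# Constructed sample lines in combined log format (not taken from a real server).
_LINE = '198.51.100.7 - - [01/Jan/2012:10:00:00 +0000] "GET {}PLUGIN-SCRIPT.php?abspath={} HTTP/1.1" 200 0'
SAMPLE_LOG = [_LINE.format(PLUGIN_DIR, v) for v in (
    "%2Fvar%2Fwww%2Fsite",                    # local absolute path
    "http%3A%2F%2Fhost.invalid%2Fx",          # encoded once
    "http%253A%252F%252Fhost.invalid%252Fx",  # encoded twice
    "..%2F..%2Ftmp",                          # relative path
)]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A hit in the log shows only that such a request was received; whether the include succeeded has to be established from the response and from the host itself.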

  4. José Luís
    Member
    Posted 2 years ago #

    Any news here?

  5. Mark (podz)
    Support Maven
    Posted 2 years ago #

    This is being investigated.

    As always with security issues it is better - and quicker - to send information to plugins@wordpress.org

  6. alanft
    Member
    Plugin Author

    Posted 2 years ago #

    I've just committed version 0.20, which uses WP's own AJAX action method rather than my massively flawed attempt.

  7. José Luís
    Member
    Posted 2 years ago #

    Where is the plugin homepage? WordPress Extend Plugins report it missing... What happened?

  8. Mark (podz)
    Support Maven
    Posted 2 years ago #

    Sorry for the delay - all my fault.

    wordpress.org/extend/plugins/relocate-upload/

    is back.

  9. José Luís
    Member
    Posted 2 years ago #

    Thanks!

    I'll try it ASAP (my WordPress installation has not detected the update yet, maybe in a few minutes).

  10. José Luís
    Member
    Posted 2 years ago #

    Updated. Appears to be working fine.

    So far, so good...

    Thanks once again!

Topic Closed

This topic has been closed to new replies.
