Unprotected file upload form accessible | WordPress.org

Resolved J T
(@teggweb)

10 years, 9 months ago

I happened to be inspecting some code on a site I manage, and noticed a URL in some generated javascript from this plugin:

http://mydomain.com/wp-content/uploads/wp-google-maps/1markers.xml?u=’+UniqueCode

If I access this URL directly, I’m presented with an unprotected file upload form. I think this is a potentially severe security issue.

I can access that same upload form with any URL based on my site’s upload directory, plus /wp-google-maps/. For instance:

http://mydomain.com/wp-content/uploads/wp-google-maps/whatever/path/I/want/

https://wordpress.org/plugins/wp-google-maps/

Viewing 2 replies - 1 through 2 (of 2 total)

Thread Starter J T
(@teggweb)

10 years, 9 months ago

Oh, BTW, the upload works and uploads the selected file directly to my site’s root directory.

Plugin Author WPGMaps
(@wpgmaps)

10 years, 9 months ago

Hi JT
The XML File is the file that has the marker data stored to it.
It should just load the XML data when you access that page. If you are getting anything else, then something else must be at play here. See http://wpgmaps.com/wp-content/uploads/wp-google-maps/1markers.xml for an example.

Please contact me on http://www.wpgmaps.com/contact-us/ so I can discuss this with you further. If there is an issue, I will sort it out and post the solution here.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Unprotected file upload form accessible’ is closed to new replies.

2 replies
2 participants
Last reply from: WPGMaps
Last activity: 10 years, 9 months ago
Status: resolved