Found an exploit in a really old Wordpress plugin...

trparky · Mar 14, 2025

I was browsing through the Wordfence Web Application Firewall log of my Wordpress site, and I found something interesting. Thankfully it was blocked by Wordfence so that's good—it never did any damage to my site. I don't even have the plugin installed on my site so again, good.

However, I digress—I found an exploit in an old Wordpress plugin. So old that it doesn't seem that Wordpress even lists it as a plugin to be installed. Thankfully.

However, the plugin does exist. I found it on Github and after a little bit of investigation, one of the files in that plugin is indeed vulnerable to that very exploit. A path traversal exploit. There's no input validation or cleanup before passing it to a PHP read() function.

What do I do with this knowledge? Is there a possibility that sites out there have this plugin installed and are vulnerable to this exploit?

Obviously, I don't want to publish this exploit or the name of the plugin publicly since well... duh. But what do I do? I have no idea how to responsibly disclose this vulnerablity.

Mindweaver · Mar 14, 2025

Since it's on Github then I would report it to Github. Hopefully they will at least take it down which would be a big step in the right direction.

Assimilator · Mar 14, 2025

Is the plugin still maintained at all? If so create an issue in their GH that explains you've found a vuln and asks for a direct non-public contact to reach out to, in order to detail it so they can fix it.

If it's abandoned then not much you can do, and if it's old enough to be abandoned it's really on the people using that plugin to stop using abandonware.

bug · Mar 14, 2025

Maybe check the NIST database first, chances are it's reported already: https://nvd.nist.gov/vuln/search

Other than that, what @Assimilator said.

trparky · Mar 14, 2025

Someone suggested that I disclose it to PatchStack. I've done just that.

System Name	My Ryzen 7 7700X Super Computer
Processor	AMD Ryzen 7 7700X
Motherboard	Gigabyte B650 Aorus Elite AX
Cooling	DeepCool AK620 with Arctic Silver 5
Memory	2x16GB G.Skill Trident Z5 NEO DDR5 EXPO (CL30)
Video Card(s)	XFX AMD Radeon RX 7900 GRE
Storage	Samsung 980 EVO 1 TB NVMe SSD (System Drive), Samsung 970 EVO 500 GB NVMe SSD (Game Drive)
Display(s)	Acer Nitro XV272U (DisplayPort) and Acer Nitro XV270U (DisplayPort)
Case	Lian Li LANCOOL II MESH C
Audio Device(s)	On-Board Sound / Sony WH-XB910N Bluetooth Headphones
Power Supply	MSI A850GF
Mouse	Logitech M705
Keyboard	Steelseries
Software	Windows 11 Pro 64-bit
Benchmark Scores	https://valid.x86.fr/liwjs3

System Name	Tower of Power / Delliverance
Processor	i7 14700K / i9-14900K
Motherboard	ASUS ROG Strix Z790-A Gaming WiFi II / Z690
Cooling	CM MasterLiquid ML360 Mirror ARGB Close-Loop AIO / Air
Memory	CORSAIR - VENGEANCE RGB 32GB (2x16GB) DDR5 7200MHz / DDR5 2x 16gb
Video Card(s)	ASUS TUF Gaming GeForce RTX 4070 Ti / GeForce RTX 4080
Storage	4x Samsung 980 Pro 1TB M.2, 2x Crucial 1TB SSD / NVM3 PC801 SK hynix 1TB
Display(s)	Samsung 32" Odyssy G5 Gaming 144hz 1440p, 2x LG HDR 32" 60hz 4k / 2x LG HDR 32" 60hz 4k
Case	Phantek "400A" / Dell XPS 8960
Audio Device(s)	Realtek ALC4080 / Sound Blaster X1
Power Supply	Corsair RM Series RM750 / 750w
Mouse	Razer Deathadder V3 Hyperspeed Wireless / Glorious Gaming Model O 2 Wireless
Keyboard	Glorious GMMK with box-white switches / Keychron K6 pro with blue swithes
VR HMD	Quest 3 (512gb) + Rift S + HTC Vive + DK1
Software	Windows 11 Pro x64 / Windows 11 Pro x64
Benchmark Scores	Yes

System Name	Firelance.
Processor	Threadripper 3960X
Motherboard	ROG Strix TRX40-E Gaming
Cooling	IceGem 360 + 6x Arctic Cooling P12
Memory	8x 16GB Patriot Viper DDR4-3200 CL16
Video Card(s)	MSI GeForce RTX 4060 Ti Ventus 2X OC
Storage	2TB WD SN850X (boot), 4TB Crucial P3 (data)
Display(s)	Dell S3221QS(A) (32" 38x21 60Hz) + 2x AOC Q32E2N (32" 25x14 75Hz)
Case	Enthoo Pro II Server Edition (Closed Panel) + 6 fans
Power Supply	Fractal Design Ion+ 2 Platinum 760W
Mouse	Logitech G604
Keyboard	Razer Pro Type Ultra
Software	Windows 10 Professional x64

Processor	Intel i5-12600k
Motherboard	Asus H670 TUF
Cooling	Arctic Freezer 34
Memory	2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s)	EVGA GTX 1060 SC
Storage	500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s)	Dell U3219Q + HP ZR24w
Case	Raijintek Thetis
Audio Device(s)	Audioquest Dragonfly Red :D
Power Supply	Seasonic 620W M12
Mouse	Logitech G502 Proteus Core
Keyboard	G.Skill KM780R
Software	Arch Linux + Win10

System Name	My Ryzen 7 7700X Super Computer
Processor	AMD Ryzen 7 7700X
Motherboard	Gigabyte B650 Aorus Elite AX
Cooling	DeepCool AK620 with Arctic Silver 5
Memory	2x16GB G.Skill Trident Z5 NEO DDR5 EXPO (CL30)
Video Card(s)	XFX AMD Radeon RX 7900 GRE
Storage	Samsung 980 EVO 1 TB NVMe SSD (System Drive), Samsung 970 EVO 500 GB NVMe SSD (Game Drive)
Display(s)	Acer Nitro XV272U (DisplayPort) and Acer Nitro XV270U (DisplayPort)
Case	Lian Li LANCOOL II MESH C
Audio Device(s)	On-Board Sound / Sony WH-XB910N Bluetooth Headphones
Power Supply	MSI A850GF
Mouse	Logitech M705
Keyboard	Steelseries
Software	Windows 11 Pro 64-bit
Benchmark Scores	https://valid.x86.fr/liwjs3

Found an exploit in a really old Wordpress plugin...

trparky

Mindweaver

Moderato®™

Assimilator

bug

trparky