PatchSiren cyber security CVE debrief

CVE-2016-20075 Etoilewebdesign CVE debrief

CVE-2016-20075 is a high-severity vulnerability in the WordPress Ultimate Product Catalog plugin, specifically in version 3.8.6. The vulnerability allows authenticated users with contributor, editor, author, or administrator roles to upload malicious files by exploiting the custom fields functionality. Attackers can upload PHP shells through the Products tab custom file field and access them via the upcp-product-file-uploads directory to execute arbitrary code on the server. The CVSS score for this vulnerability is 8.7, indicating a high severity.

Vendor: Etoilewebdesign
Product: Ultimate Product Catalog
CVSS: HIGH 8.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-15
Original CVE updated: 2026-06-15
Advisory published: 2026-06-15
Advisory updated: 2026-06-15

Who should care

Operators of WordPress sites running the Ultimate Product Catalog plugin should care, particularly sites that grant contributor, author, editor, or administrator accounts to people who are not fully trusted, since any of those roles is enough to exploit the flaw.

Technical summary

The vulnerability is caused by a lack of proper validation and sanitization of user-uploaded files. An attacker can exploit this vulnerability by uploading a malicious PHP file through the custom file field in the Products tab. The uploaded file can then be accessed via the upcp-product-file-uploads directory, allowing the attacker to execute arbitrary code on the server.

Defensive priority

High

Recommended defensive actions

  • Update the WordPress Ultimate Product Catalog plugin to a version that fixes the vulnerability.
  • Restrict access to the Products tab custom file field to only trusted users.
  • Monitor the upcp-product-file-uploads directory for suspicious files.
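The third action above (watching the upload directory) is easy to automate. The following POSIX shell script is an added example written for this debrief; it is not PatchSiren's or the plugin vendor's code. It walks a directory and reports any file that either carries a PHP-executable extension or looks harmless by name but contains a PHP open tag in its body, which is the pattern a disguised upload would show. The directory name comes from the advisory; the `/var/www/html/wp-content/uploads/` prefix is an assumption and should be set to the real path via `UPLOAD_DIR`.

```shell
#!/bin/sh
# Added example (not PatchSiren's or the plugin author's code): report files in a
# WordPress upload directory that should never be there. The directory name
# upcp-product-file-uploads is from the advisory; the path prefix is an assumption.

UPLOAD_DIR="${UPLOAD_DIR:-/var/www/html/wp-content/uploads/upcp-product-file-uploads}"

# Print one line per suspicious file: "<reason> <path>".
# Reasons: php-extension    (name ends in a PHP-executable extension)
#          php-tag-in-body  (harmless-looking name, PHP open tag inside)
scan_uploads() {
    dir="$1"
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    find "$dir" -type f | while IFS= read -r f; do
        case "$f" in
            *.php|*.PHP|*.phtml|*.phar|*.php[0-9])
                echo "php-extension $f" ;;
            *)
                # Name looks like a document or image: check the contents for
                # "<?php" or the short "<?=" open tag (ERE: \? is a literal ?).
                if grep -qE '<\?(php|=)' "$f" 2>/dev/null; then
                    echo "php-tag-in-body $f"
                fi ;;
        esac
    done
    return 0
}

# Number of suspicious files under a directory (0 when it does not exist).
count_suspicious() {
    scan_uploads "$1" | wc -l | tr -d ' '
}

# Cron-friendly wrapper: non-zero exit and a stderr warning when anything is found.
check_uploads() {
    n=$(count_suspicious "$1")
    if [ "$n" -gt 0 ]; then
        echo "WARNING: $n suspicious file(s) under $1" >&2
        scan_uploads "$1" >&2
        return 1
    fi
    echo "OK: no PHP artefacts under $1"
    return 0
}

# Stand-alone run: check the configured directory (override with UPLOAD_DIR=...).
if [ -d "$UPLOAD_DIR" ]; then
    check_uploads "$UPLOAD_DIR"
fi
```

Run it from cron or a monitoring agent and alert on a non-zero exit; a PHP file appearing in a directory meant for catalogue documents is a high-confidence signal regardless of which plugin version is installed. The `read` loop does not cope with file names containing newlines, which is acceptable for a quick monitor but worth knowing. Detection complements rather than replaces the update, since the upload itself still succeeds on a vulnerable version.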

Evidence notes

The CVE record for CVE-2016-20075 can be found at [cve-org]. The NVD detail for this vulnerability can be found at [nvd]. Additional information can be found at [ref-4], [ref-5], and [ref-6].

Official resources

CVE-2016-20075 was published on 2026-06-15T14:16:30.803Z and has not been modified since then.