Wordfence specialists discovered a critical vulnerability in Download Manager, one of the most popular WordPress plugins. Tracked as CVE-2021-34639, the flaws reside in the aforementioned plugin and could allow threat actors to execute arbitrary code under certain circumstances.
To be precise, the flaw could allow authors and other users with the ability upload_files load files with php4 extensions as well as other potentially executable files.
According to Wordfence experts, the plugin fixed a flaw that would “make it easier to execute arbitrary files on the affected websites.” While the patch released by the developers was enough to protect many configurations, it only checked the last file extension, so it was still possible to perform a “double extension” attack by loading a file with multiple extensions.
As some users will know, a dual-extension attack occurs when threat actors send a file with multiple extensions for execution, as a method to evade the affected security mechanisms.
Regarding the vulnerability, the report notes that this bug received a score of 7.5/10 according to the Common Vulnerability Scoring System (CVSS). The flaw is severe but the exploitation is highly complex, since even under the required conditions it is complicated to execute the uploaded files.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.