WordPress Aspose Importer & Exporter 1.0 - Local File Inclusion

What is the "WordPress Aspose Importer & Exporter 1.0 - Local File Inclusion?"

The "WordPress Aspose Importer & Exporter 1.0 - Local File Inclusion" module is designed to detect a vulnerability in the WordPress Aspose Importer & Exporter plugin version 1.0. This vulnerability allows an attacker to include local files on the server by exploiting a file path traversal issue. The severity of this vulnerability is classified as high.

Impact

If successfully exploited, this vulnerability can lead to unauthorized access to sensitive files on the server. This can potentially expose sensitive information such as database credentials, which can be used for further attacks.

How the module works?

The module sends a GET request to the vulnerable endpoint:

/wp-content/plugins/aspose-importer-exporter/aspose_import_export_download?file=../../../wp-config.php

The module then checks the response body for the presence of specific keywords, such as "DB_NAME" and "DB_PASSWORD". If these keywords are found, it indicates that the vulnerable file has been successfully included and sensitive information may be exposed.

Additionally, the module verifies that the response status code is 200, ensuring that the request was successful.

Note: It is important to promptly update the WordPress Aspose Importer & Exporter plugin to the latest version to mitigate this vulnerability.