What is the severity of CVE-2022-2431?

The severity of CVE-2022-2431 is classified as high due to the potential for arbitrary file deletion.

How do I fix CVE-2022-2431?

To fix CVE-2022-2431, update the WordPress Download Manager plugin to version 3.2.51 or later.

What versions of the Download Manager plugin are affected by CVE-2022-2431?

CVE-2022-2431 affects all versions of the Download Manager plugin for WordPress up to and including 3.2.50.

What is the cause of CVE-2022-2431?

CVE-2022-2431 is caused by insufficient file type and path validation in the deleteFiles() function.

What potential impact does CVE-2022-2431 have on my WordPress site?

The impact of CVE-2022-2431 could lead to unauthorized deletion of files from your WordPress site.

Vulnerability/
CVE-2022-2431

high

8.8

CWE

610 73

6/9/2022

3/8/2024

CVE-2022-2431: Download Manager <= 3.2.50 - Authenticated (Contributor+) Arbitrary File Deletion

First published: Tue Sep 06 2022(Updated: )

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up to, and including 3.2.50. This is due to insufficient file type and path validation on the deleteFiles() function found in the ~/Admin/Menu/Packages.php file that triggers upon download post deletion. This makes it possible for contributor level users and above to supply an arbitrary file path via the 'file[files]' parameter when creating a download post and once the user deletes the post the supplied arbitrary file will be deleted. This can be used by attackers to delete the /wp-config.php file which will reset the installation and make it possible for an attacker to achieve remote code execution on the server.

Credit: security@wordfence.com

Affected Software	Affected Version	How to fix
WordPress Download Manager	<=3.2.50

Remedy

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2762092%40download-manager&new=2762092%40download-manager&sfp_email=&sfph_mail=

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-2431?
The severity of CVE-2022-2431 is classified as high due to the potential for arbitrary file deletion.
How do I fix CVE-2022-2431?
To fix CVE-2022-2431, update the WordPress Download Manager plugin to version 3.2.51 or later.
What versions of the Download Manager plugin are affected by CVE-2022-2431?
CVE-2022-2431 affects all versions of the Download Manager plugin for WordPress up to and including 3.2.50.
What is the cause of CVE-2022-2431?
CVE-2022-2431 is caused by insufficient file type and path validation in the deleteFiles() function.
What potential impact does CVE-2022-2431 have on my WordPress site?
The impact of CVE-2022-2431 could lead to unauthorized deletion of files from your WordPress site.

agent/weakness
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/title
agent/references
agent/author
agent/remedy
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/wpdownloadmanager
canonical/wordpress download manager
version/wordpress download manager/3.2.50

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.