CVE-2023-4238

7.2 HIGH

📋 TL;DR

This vulnerability in the Prevent files / folders access WordPress plugin allows attackers to upload arbitrary files, including malicious PHP scripts, to the server without proper validation. It affects WordPress sites using vulnerable versions of this plugin. Attackers could gain remote code execution capabilities.

💻 Affected Systems

Products:
  • WordPress Prevent files / folders access plugin
Versions: before 2.5.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires plugin to be installed and active on WordPress site.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server compromise leading to data theft, ransomware deployment, or website defacement through remote code execution.

🟠 Likely Case

Attackers upload web shells to gain persistent access, steal sensitive data, or use the server for malicious activities.

🟢 If Mitigated

Limited impact with proper file upload restrictions and web application firewalls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires attacker access to file upload functionality, typically through authenticated user interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.5.2

Vendor Advisory: https://wpscan.com/vulnerability/53816136-4b1a-4b7d-b73b-08a90c2a638f

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the 'Prevent files / folders access' plugin.
4. Click 'Update Now' if an update is available.
5. If no update appears, manually update to version 2.5.2 or later.

🔧 Temporary Workarounds

Disable vulnerable plugin (platform: all)

Temporarily deactivate the plugin until the patched version can be installed.

wp plugin deactivate prevent-files-folders-access

Restrict file uploads via .htaccess (platform: linux)

Block execution of uploaded PHP files in upload directories. This requires Apache with .htaccess overrides enabled (AllowOverride); on nginx an equivalent location rule is needed.

Add to .htaccess in wp-content/uploads:

<Files *.php>
    # Apache 2.2 syntax; on Apache 2.4 without mod_access_compat use "Require all denied" instead
    deny from all
</Files>

🧯 If You Can't Patch

  • Implement strict file upload validation at web server level
  • Deploy web application firewall with file upload protection rules

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Prevent files / folders access > Version number. If version is below 2.5.2, system is vulnerable.

Check Version:

wp plugin list --name='prevent-files-folders-access' --field=version

Verify Fix Applied:

Confirm plugin version is 2.5.2 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to wp-content/uploads directory
  • POST requests to plugin file upload endpoints with PHP extensions

Network Indicators:

  • HTTP POST requests containing PHP file content to upload endpoints

SIEM Query:

source="web_server" (method="POST" AND uri="*prevent-files-folders-access*" AND (extension="php" OR content="<?php"))
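The log indicators above can be checked outside a SIEM with a small parser over the web server's access log. The following is an added example (not part of this advisory and not from the plugin's vendor) that reads combined-format access-log lines and raises an alert on two conditions: a POST whose request line names the plugin slug and carries a PHP-named value in the query string, and any request for a PHP file under wp-content/uploads, which legitimate WordPress never serves and which indicates an uploaded script being executed. The log lines are constructed, the plugin endpoint path is a placeholder (the advisory does not name the real upload endpoint), and the slug is taken from the wp-cli command on this page. Access logs do not contain request bodies, so the `content="<?php"` clause of the SIEM query cannot be reproduced here; that part needs WAF or full-capture logs.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional
from urllib.parse import parse_qsl, urlsplit

# Apache/nginx "combined" log format: ip ident user [ts] "METHOD URI PROTO" status size ...
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

PLUGIN_SLUG = "prevent-files-folders-access"  # slug from the wp-cli command on this page
# Extensions PHP handlers commonly execute; matched against file names only.
PHP_NAME_RE = re.compile(r"\.ph(?:p\d?|tml|ar)$", re.IGNORECASE)


@dataclass
class Alert:
    ip: str
    ts: str
    uri: str
    reason: str


def php_names_in_query(query: str) -> List[str]:
    """Return query-string values that look like PHP file names."""
    return [v for _, v in parse_qsl(query, keep_blank_values=True) if PHP_NAME_RE.search(v)]


def classify(line: str) -> Optional[Alert]:
    """Return an Alert for a suspicious access-log line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # unparseable line; a real pipeline would count these
    ip, ts, method, uri = m["ip"], m["ts"], m["method"], m["uri"]
    parts = urlsplit(uri)
    path, query = parts.path, parts.query

    # Indicator 1: POST to the plugin's paths with a PHP-named value in the query.
    # Multipart bodies are not logged, so only file names that surface in the
    # query string are visible here.
    if method == "POST" and PLUGIN_SLUG in uri.lower() and php_names_in_query(query):
        return Alert(ip, ts, uri, "php-upload-to-plugin-endpoint")

    # Indicator 2: any request for a PHP file under wp-content/uploads.
    if "/wp-content/uploads/" in path.lower() and any(
        PHP_NAME_RE.search(seg) for seg in path.split("/")
    ):
        return Alert(ip, ts, uri, "php-executed-from-uploads")
    return None


def scan(lines: Iterable[str]) -> List[Alert]:
    """Run classify() over every line and keep the alerts, in log order."""
    return [a for a in (classify(line) for line in lines) if a is not None]


# Constructed sample log; "PLACEHOLDER-endpoint.php" stands in for the real
# plugin upload endpoint, which this advisory does not name.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Aug/2023:12:00:01 +0000] "POST /wp-content/plugins/'
    'prevent-files-folders-access/PLACEHOLDER-endpoint.php?file=cmd.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Aug/2023:12:00:09 +0000] "GET /wp-content/uploads/2023/08/cmd.php HTTP/1.1" 200 64 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Aug/2023:12:01:00 +0000] "GET /wp-content/uploads/2023/08/photo.jpg HTTP/1.1" 200 40211 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Aug/2023:12:01:05 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 88 "-" "Mozilla/5.0"',
    '192.0.2.9 - admin [10/Aug/2023:12:02:00 +0000] "POST /wp-content/plugins/'
    'prevent-files-folders-access/PLACEHOLDER-endpoint.php?file=report.pdf HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(f"{alert.ts} {alert.ip} {alert.reason}: {alert.uri}")
```

Run against the constructed sample, only the two lines from 203.0.113.5 are flagged: the POST naming cmd.php in its query, and the later GET executing cmd.php from the uploads directory. The PDF upload and the ordinary admin-ajax heartbeat produce nothing. The second indicator is worth keeping even after patching, since the .htaccess workaround above turns such a request into a 403 but does not stop it from being attempted.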
