CVE-2023-4488
📋 TL;DR
Versions of the Dropbox Folder Share for WordPress plugin up to and including 1.9.7 contain a local file inclusion (LFI) flaw in editor-view.php (under HynoTech/UsosGenerales/js/ in the plugin directory). An unauthenticated attacker can make the script include and execute arbitrary PHP files that already exist on the server, which can lead to remote code execution, data theft and complete compromise of the site. Any WordPress site running a vulnerable version of the plugin is affected; the fix is in 1.9.8.
💻 Affected Systems
- Dropbox Folder Share for WordPress, versions up to and including 1.9.7 (fixed in 1.9.8)
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete server takeover with attacker gaining full control, installing backdoors, stealing sensitive data, and using the server for further attacks.
Likely Case
Remote code execution leading to website defacement, data exfiltration, or installation of cryptocurrency miners/malware.
If Mitigated
If the attacker cannot get a PHP file of their own onto the server (no writable upload path, no poisonable log or session file) and a web application firewall blocks traversal sequences in front of editor-view.php, the practical impact drops to inclusion of files that already exist on the server. That is still a sensitive exposure: any file readable by the web server user can be pulled into the script.
🎯 Exploit Status
Unauthenticated local file inclusion with a public proof of concept; exploitation is a single crafted HTTP request and requires no special skill.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.9.8 or later
Patched source (the fixed editor-view.php in the plugin SVN, revision 2904670): https://plugins.trac.wordpress.org/browser/dropbox-folder-share/trunk/HynoTech/UsosGenerales/js/editor-view.php?rev=2904670
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins.
3. Find Dropbox Folder Share.
4. Click 'Update Now' if an update is offered.
5. Alternatively, download version 1.9.8 or later from the WordPress plugin repository and replace the plugin files.
🔧 Temporary Workarounds
Disable vulnerable plugin
(all platforms) Temporarily disable the Dropbox Folder Share plugin until it can be updated; with WP-CLI:
wp plugin deactivate dropbox-folder-share
Restrict file access
(Apache) Add .htaccess rules to block direct access to editor-view.php:
<Files "editor-view.php">
Order Allow,Deny
Deny from all
</Files>
These are Apache 2.2 directives; on Apache 2.4 use `Require all denied` instead (the old syntax only works when mod_access_compat is loaded). The rule takes effect only where AllowOverride permits it, and it does nothing on nginx, where the equivalent `location` block must be added to the server configuration.
🧯 If You Can't Patch
- Remove the Dropbox Folder Share plugin completely from your WordPress installation
- Implement web application firewall rules that block requests to editor-view.php whose parameters contain traversal sequences (`../`, `..\`) or PHP stream wrappers, including their percent-encoded and double-encoded forms. Blocking all direct requests to the file is the safer option if the plugin's editor still works afterwards.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Dropbox Folder Share version. If version is 1.9.7 or lower, you are vulnerable.
Check Version:
wp plugin get dropbox-folder-share --field=version
Verify Fix Applied:
Verify that the plugin version is 1.9.8 or higher in the WordPress admin panel or via the WP-CLI command above, and confirm that the deployed editor-view.php matches the patched revision linked in the Fix section.
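An added example (not part of this advisory or of the plugin): a small Python check that reads the installed version and decides whether it is in the vulnerable range. It assumes 1.9.8 is the first fixed release (as stated above), that `wp` is on PATH when the WP-CLI path is used, and that the plugin's main file carries a standard WordPress plugin header with a `Version:` line; the sample header is constructed for the example. The point it demonstrates is that versions must be compared as integer tuples, because a string comparison puts 1.9.10 before 1.9.8 and would misreport a patched site.

```python
import re
import subprocess
from typing import Optional, Tuple

# First fixed version from the advisory: everything below it is vulnerable.
FIXED_VERSION = "1.9.8"
PLUGIN_SLUG = "dropbox-folder-share"

# Constructed sample of a WordPress plugin header, in the format WordPress
# itself parses (a comment block at the top of the main plugin file).
# The version number here is illustrative, not taken from a real install.
SAMPLE_HEADER = """<?php
/*
Plugin Name: Dropbox Folder Share
Version: 1.9.7
*/
"""


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '1.9.10' into (1, 9, 10).

    Compare versions as integer tuples, never as strings: as strings,
    '1.9.10' < '1.9.8' is True, which would flag a patched site as vulnerable.
    Suffixes such as '-beta' are ignored for the comparison.
    """
    m = re.match(r"\d+(?:\.\d+)*", version.strip())
    if not m:
        raise ValueError(f"not a version string: {version!r}")
    return tuple(int(part) for part in m.group(0).split("."))


def is_vulnerable(version: str) -> bool:
    """True for 1.9.7 and every earlier release, False for 1.9.8 and later."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def version_from_plugin_header(header_text: str) -> Optional[str]:
    """Read the 'Version:' line of a plugin header, the same field the admin
    panel and WP-CLI report (WordPress tolerates leading comment characters)."""
    m = re.search(r"^[ \t/*#@]*Version:[ \t]*(\S+)", header_text, re.MULTILINE)
    return m.group(1) if m else None


def installed_version() -> Optional[str]:
    """Ask WP-CLI for the installed version; assumes 'wp' is on PATH and the
    script runs from the WordPress root. Returns None when WP-CLI is not
    available or the plugin is not installed."""
    try:
        result = subprocess.run(
            ["wp", "plugin", "get", PLUGIN_SLUG, "--field=version"],
            capture_output=True, text=True, timeout=60, check=True,
        )
    except (OSError, subprocess.SubprocessError):
        return None
    return result.stdout.strip() or None


def assess(version: Optional[str]) -> str:
    """Human-readable verdict for a version string (None when unknown)."""
    if version is None:
        return "plugin version unknown: plugin not installed or WP-CLI unavailable"
    if is_vulnerable(version):
        return f"VULNERABLE: {version} < {FIXED_VERSION}, update the plugin"
    return f"patched: {version} >= {FIXED_VERSION}"


if __name__ == "__main__":
    print(assess(installed_version()))
```

Run it from the WordPress root on a host that has WP-CLI; on a host without it, `version_from_plugin_header()` can be pointed at the contents of the plugin's main file instead.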
📡 Detection & Monitoring
Log Indicators:
- HTTP requests to /wp-content/plugins/dropbox-folder-share/HynoTech/UsosGenerales/js/editor-view.php with file parameters
- PHP files newly created or modified under wp-content (especially uploads/) shortly after such requests, or web server worker processes spawning shells
Network Indicators:
- Requests to editor-view.php whose query strings contain traversal sequences (`../`, `..\`), their percent-encoded forms (`%2e%2e%2f`, double-encoded `%252e%252e%252f`), null bytes (`%00`), or PHP stream wrappers (`php://`)
SIEM Query:
source="web_logs" AND url="*editor-view.php*" AND (url="*file=*" OR url="*../*" OR url="*%2e%2e*" OR url="*%252e*")
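An added example, not part of the advisory or of Wordfence's data: a Python scanner that applies the indicators above to access-log lines. The log lines are constructed for the example, and the `file=` parameter name in them is illustrative only (the advisory does not name the vulnerable parameter), which is why the rules key on the target path and on generic LFI markers rather than on a parameter name. Unlike the one-line SIEM query above, it percent-decodes repeatedly so double-encoded traversal is caught.

```python
import re
from typing import Dict, List, Optional
from urllib.parse import unquote, urlsplit

# Path of the vulnerable script, from the advisory.
TARGET_SUFFIX = "/dropbox-folder-share/HynoTech/UsosGenerales/js/editor-view.php"

# Common/combined access-log line:
#   client ident user [time] "METHOD URL PROTO" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Generic LFI payload markers: traversal in either slash style, a null byte
# (used to cut off an appended extension), PHP stream wrappers, and two
# files attackers typically reach for first.
LFI_RE = re.compile(r"(\.\./|\.\.\\|\x00|php://|/etc/passwd|wp-config\.php)", re.IGNORECASE)

# Constructed sample log; 'file=' is an assumed parameter name, not one the
# advisory confirms. Addresses are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.10 - - [10/Oct/2023:13:55:36 +0000] "GET /wp-content/plugins'
    + TARGET_SUFFIX + '?file=../../../../wp-config.php HTTP/1.1" 200 1203',
    '198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /wp-content/plugins'
    + TARGET_SUFFIX + '?file=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 850',
    '198.51.100.7 - - [10/Oct/2023:13:56:09 +0000] "GET /wp-content/plugins'
    + TARGET_SUFFIX + '?file=%252e%252e%252fwp-config.php HTTP/1.1" 200 12',
    '192.0.2.5 - - [10/Oct/2023:14:01:44 +0000] "GET /wp-content/plugins'
    + TARGET_SUFFIX + ' HTTP/1.1" 200 4411',
    '192.0.2.5 - - [10/Oct/2023:14:01:50 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 45',
    'this line is not an access-log record',
]


def decode_fully(text: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded payloads
    (%252e%252e%252f -> %2e%2e%2f -> ../) are not missed."""
    for _ in range(rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text


def classify(url: str) -> Optional[str]:
    """None for unrelated URLs, 'low' for a plain hit on editor-view.php,
    'high' when the request also carries an LFI marker."""
    parts = urlsplit(url)
    path = decode_fully(parts.path)
    if not path.endswith(TARGET_SUFFIX):
        return None
    if LFI_RE.search(decode_fully(parts.query)) or LFI_RE.search(path):
        return "high"
    return "low"


def scan(lines: List[str]) -> List[Dict[str, str]]:
    """Return one record per log line that touches editor-view.php."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a recognised access-log line
        severity = classify(m["url"])
        if severity:
            hits.append({"ip": m["ip"], "time": m["time"], "status": m["status"],
                         "url": m["url"], "severity": severity})
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f'{hit["severity"]:4} {hit["ip"]:15} {hit["status"]} {hit["url"]}')
```

A 'low' hit is a direct request to the script without a payload; treat a burst of them from one address as reconnaissance. A 'high' hit with a 200 status deserves a look at what the included file could have done, starting with wp-config.php and anything attacker-writable under wp-content.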
🔗 References
- https://plugins.trac.wordpress.org/browser/dropbox-folder-share/trunk/HynoTech/UsosGenerales/js/editor-view.php?rev=2904670
- https://www.wordfence.com/threat-intel/vulnerabilities/id/647a2f27-092a-4db1-932d-87ae8c2efcca?source=cve