CVE-2023-4861

7.2 HIGH

📋 TL;DR

The File Manager Pro WordPress plugin before version 1.8.1 allows authenticated admin users to upload arbitrary files, bypassing upload restrictions that are intended to apply in environments such as multisite installations. The result is remote code execution on WordPress sites running the vulnerable plugin.

💻 Affected Systems

Products:
  • File Manager Pro WordPress plugin
Versions: All versions before 1.8.1
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin-level access, but in multisite environments, admin users may have limited permissions that this vulnerability bypasses.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full server compromise with attacker gaining complete control over the WordPress installation and underlying server through arbitrary file upload leading to remote code execution.

🟠 Likely Case

Unauthorized file upload leading to webshell deployment, data theft, site defacement, or further lateral movement within the hosting environment.

🟢 If Mitigated

Limited impact with proper file upload restrictions, admin user monitoring, and network segmentation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin credentials but is straightforward once authenticated. Public proof-of-concept exists.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.8.1

Vendor Advisory: https://wpscan.com/vulnerability/7fa03f00-25c7-4e40-8592-bb4001ce019d

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the File Manager Pro plugin.
4. Click 'Update Now' if available.
5. Alternatively, download version 1.8.1+ from the WordPress repository and update manually.

🔧 Temporary Workarounds

Disable File Manager Pro plugin (applies to: all)

Temporarily disable the vulnerable plugin until patching is possible:

wp plugin deactivate file-manager-pro

Restrict admin user access (applies to: all)

Temporarily restrict or monitor admin user accounts that could exploit this vulnerability.

🧯 If You Can't Patch

  • Implement strict file upload restrictions at the web server level (e.g., .htaccess rules that prevent PHP files in upload directories from being executed)
  • Enable detailed logging of file upload activities and monitor for suspicious behavior

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > File Manager Pro version number. If the version is below 1.8.1, the site is vulnerable.

Check Version:

wp plugin get file-manager-pro --field=version

Verify Fix Applied:

Confirm File Manager Pro plugin version is 1.8.1 or higher in WordPress admin panel.
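A scripted version of the check above, added here as an example and not part of the advisory: it reads the installed version with wp-cli and compares it component by component against 1.8.1, so that a release such as 1.8.10 is not misjudged by a plain string comparison. It assumes wp-cli is installed and that the script is run from, or pointed at, the WordPress root; pre-release suffixes (for example "rc1") are ignored.

```shell
#!/bin/sh
# Added example (not from the advisory): report whether the installed
# File Manager Pro plugin is below the fixed release for CVE-2023-4861.

FIXED_VERSION="1.8.1"

# version_lt A B -> exit 0 if dotted version A is strictly lower than B.
# Missing components count as 0 (so 1.8 < 1.8.1); non-digit suffixes are dropped.
version_lt() {
    a="$1."; b="$2."
    while [ -n "$a" ] || [ -n "$b" ]; do
        pa=${a%%.*}; a=${a#*.}
        pb=${b%%.*}; b=${b#*.}
        pa=${pa%%[!0-9]*}; pb=${pb%%[!0-9]*}
        pa=${pa:-0}; pb=${pb:-0}
        if [ "$pa" -lt "$pb" ]; then return 0; fi
        if [ "$pa" -gt "$pb" ]; then return 1; fi
    done
    return 1   # versions are equal
}

# is_vulnerable VERSION -> exit 0 when VERSION is below 1.8.1
is_vulnerable() {
    version_lt "$1" "$FIXED_VERSION"
}

# check_site [WP_PATH] -> queries the live installation via wp-cli.
# Exit codes: 0 patched, 1 vulnerable, 2 plugin not found / wp-cli unavailable.
check_site() {
    path_arg=""
    if [ -n "$1" ]; then path_arg="--path=$1"; fi
    installed=$(wp plugin get file-manager-pro --field=version $path_arg 2>/dev/null) || {
        echo "File Manager Pro not found (or wp-cli unavailable); nothing to check"
        return 2
    }
    if is_vulnerable "$installed"; then
        echo "VULNERABLE: file-manager-pro $installed < $FIXED_VERSION (CVE-2023-4861)"
        return 1
    fi
    echo "OK: file-manager-pro $installed >= $FIXED_VERSION"
    return 0
}

# Run directly with the WordPress root as the only argument, e.g. ./check.sh /var/www/html
if [ "$#" -gt 0 ]; then
    check_site "$1"
fi
```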

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads by admin users
  • PHP or executable files uploaded via File Manager Pro
  • Multiple failed upload attempts

Network Indicators:

  • HTTP POST requests to file manager endpoints with suspicious file extensions
  • Unusual outbound connections from WordPress server

SIEM Query:

source="wordpress.log" AND "file-manager-pro" AND ("upload" OR "POST") AND ("php" OR "exe" OR "sh")
