The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files that have been uploaded in all versions up to, and including, 2.3.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
History

Wed, 08 Jan 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 08 Jan 2025 09:30:00 +0000

Type Values Removed Values Added
Description The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files that have been uploaded in all versions up to, and including, 2.3.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Title Garden Gnome Package <= 2.3.0 - Authenticated (Author+) Arbitrary File Upload
Weaknesses CWE-434
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-01-08T09:18:36.303Z

Updated: 2025-01-08T13:56:37.871Z

Reserved: 2024-12-20T15:57:03.082Z

Link: CVE-2024-12854

cve-icon Vulnrichment

Updated: 2025-01-08T13:56:31.048Z

cve-icon NVD

Status : Received

Published: 2025-01-08T10:15:07.120

Modified: 2025-01-08T10:15:07.120

Link: CVE-2024-12854

cve-icon Redhat

No data.