Last updated
Was this helpful?
Become VeryLazyTech ! 🎁
Follow us on:
✖ Twitter .
👾 Github .
📜 Medium .
📺 YouTube .
📩 Telegram .
🕵️♂️ My Site .
Visit our for e-books and courses. 📚
The File Away plugin for WordPress (versions ≤ 3.9.9.0.1) is affected by a critical vulnerability caused by a missing capability check in the ajax() function. This vulnerability allows unauthenticated users to exploit the plugin via crafted AJAX requests. Due to the use of a reversible weak encoding algorithm, attackers can read arbitrary files on the target server — including configuration files, credentials, or other sensitive data.
Impact: Complete disclosure of sensitive server-side files without authentication.
CVE ID: Vulnerable Plugin: File Away ≤ 3.9.9.0.1 Vulnerability Type: Missing Authorization / Arbitrary File Read Access Complexity: Low Authentication Required: None
Disclaimer: This Proof of Concept (POC) is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state, and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.
To identify websites potentially using the vulnerable File Away plugin, use the following FOFA dork:
First, clone the repository:
Run the Exploit:
Example:
The script will attempt to access and display the contents of the specified file if the target is vulnerable.
This makes it possible for unauthenticated attackers to read arbitrary files including the WordPress configuration file (wp-config.php).
Learn & practice
Become VeryLazyTech ! 🎁
✖ Twitter .
👾 Github .
📜 Medium .
📺 YouTube .
📩 Telegram .
🕵️♂️ My Site .
Visit our for e-books and courses. 📚