CVE-2019-25138: 
WordPress vulnerability analysis and mitigation

The User Submitted Posts plugin for WordPress (versions up to and including 20190312) contains an arbitrary file upload vulnerability. The vulnerability allows unauthenticated attackers to upload arbitrary files to the affected site's server due to missing file type validation in the uspcheckimages function (NVD, NinTechNet Blog).

The vulnerability exists in the uspcheckimages function which uses PHP's exif_imagetype() and getimagesize() functions to validate uploaded files. These functions are not suitable for validating untrusted files as they only check the first few bytes of a file. Attackers can bypass this validation by creating a malicious file with valid image headers while containing executable code. The vulnerability has a CVSS v3.1 score of 9.8 CRITICAL (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (NinTechNet Blog, Wordfence).

The vulnerability allows unauthenticated attackers to upload arbitrary files to the server, which could lead to remote code execution if executable files like PHP scripts are uploaded. This gives attackers complete control over the affected WordPress site (NinTechNet Blog).

Users should immediately update to a version newer than 20190312 which includes proper file type validation. Sites using NinjaFirewall WP Edition (free) and NinjaFirewall WP+ Edition (premium) are protected against this vulnerability (NinTechNet Blog).