CVE-2020-10564: 
WordPress vulnerability analysis and mitigation

An issue was discovered in the WordPress File Upload plugin before version 4.13.0. The vulnerability, identified as CVE-2020-10564, involves a directory traversal vulnerability that can lead to remote code execution. The vulnerability was discovered by security researcher riccardo krauter (p4w) and was publicly disclosed on March 13, 2020 (NVD, WPScan).

The vulnerability allows attackers to exploit a directory traversal flaw to achieve remote code execution by uploading a crafted text file into the plugin's lib directory, specifically exploiting a wfu_include_lib call. The vulnerability has received a CVSS v3.1 base score of 9.8 (Critical) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The issue is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) (NVD, GitHub Report).

The vulnerability allows unauthenticated attackers to achieve remote code execution on affected WordPress installations. The exploit can be triggered without requiring any admin interaction, making it particularly severe. The successful exploitation could lead to complete system compromise with high impacts on confidentiality, integrity, and availability of the affected system (WPScan).

Users are advised to update to WordPress File Upload plugin version 4.13.0 or later, which contains the fix for this vulnerability. The fix was released through the WordPress plugin repository (WordPress Plugin).