CVE-2022-1538: 
WordPress vulnerability analysis and mitigation

The Theme Demo Import WordPress plugin before version 1.1.1 contains a critical security vulnerability that allows high-privilege users such as administrators to upload arbitrary files (including PHP files) even when FILE_MODS and FILE_EDIT are disallowed. This vulnerability was assigned CVE-2022-1538 and was discovered in late 2022 (WPScan).

The vulnerability stems from insufficient file validation during the demo import process. The plugin fails to properly validate imported files, which enables the upload of potentially malicious files like PHP scripts. The vulnerability has been assigned a CVSS v3.1 base score of 7.2 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. It is classified under CWE-434 (Unrestricted Upload of File with Dangerous Type) (NVD).

The vulnerability could allow authenticated administrators to bypass file upload restrictions and upload arbitrary files, including malicious PHP files, even when WordPress file modification and editing capabilities are explicitly disabled. This could potentially lead to remote code execution on the affected WordPress installation (WPScan).

The vulnerability has been patched in version 1.1.1 of the Theme Demo Import plugin. Users are strongly advised to update to this version or later to mitigate the security risk (WPScan).