A Server-Side Request Forgery (SSRF) vulnerability has been identified in the WordPress Dropbox Folder Share Plugin. This vulnerability could allow a malicious actor to make the website issue requests to an arbitrary domain of the attacker's choosing, which in turn could reveal sensitive information about other services running on the system.

This vulnerability was discovered and responsibly reported by Alex Thomas.

The vulnerability is an SSRF flaw in the dropbox-folder-share.php file. The plugin does not adequately validate user-supplied input before using it as the target of a server-side request, so an attacker can cause the website to send requests to an arbitrary domain of the attacker's choosing.
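The advisory describes the classic SSRF shape: a URL taken from the request is handed straight to the site's HTTP client. The following is an added example, not code from dropbox-folder-share.php or from the plugin's author, showing that shape beside a hardened check that only lets the site fetch from an exact allowlist of hosts over https and refuses any name that resolves to a loopback, private or reserved address. All names in it (is_safe_outbound_url, ALLOWED_HOSTS, the folder_url parameter, the resolver callable) and the DNS answers are assumptions constructed for illustration.

```php
<?php
// Added example, not code from dropbox-folder-share.php: one way to close the
// SSRF pattern the advisory describes (a user-supplied URL used as the target
// of a server-side request). Every name here is an assumption for illustration.

// Vulnerable shape, for contrast: the fetch target comes straight from the request.
//     $response = wp_remote_get( $_GET['folder_url'] );   // caller picks the host

// Hosts the feature legitimately needs (assumed list; adjust to the real integration).
const ALLOWED_HOSTS = ['www.dropbox.com', 'api.dropboxapi.com', 'content.dropboxapi.com'];

// True only for a public unicast IPv4/IPv6 address: loopback, RFC 1918,
// link-local and reserved ranges are all refused.
function is_public_ip(string $ip): bool {
    return filter_var(
        $ip,
        FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
    ) !== false;
}

// Decide whether $url may be fetched. $resolver maps a hostname to its
// addresses (gethostbynamel() in production; injected here so the check can
// be exercised without network access).
function is_safe_outbound_url(string $url, callable $resolver): bool {
    $p = parse_url($url);
    if ($p === false || empty($p['scheme']) || empty($p['host'])) {
        return false;                     // unparsable or relative URL
    }
    if (strtolower($p['scheme']) !== 'https') {
        return false;                     // no http://, file://, gopher:// ...
    }
    if (isset($p['user']) || isset($p['pass']) || isset($p['port'])) {
        return false;                     // "name@host" and explicit ports (even :443) are rejected outright
    }
    $host = strtolower($p['host']);
    if (!in_array($host, ALLOWED_HOSTS, true)) {
        return false;                     // exact-match allowlist, no suffix matching
    }
    $ips = $resolver($host);
    if (!is_array($ips) || $ips === []) {
        return false;                     // unresolvable names are not fetched
    }
    foreach ($ips as $ip) {
        if (!is_public_ip($ip)) {
            return false;                 // allowlisted name answering with an internal address
        }
    }
    return true;
}

// Constructed resolver answers for the demo (not real DNS data).
$fake_dns = [
    'www.dropbox.com'        => ['162.125.1.18'],
    'api.dropboxapi.com'     => ['162.125.4.14'],
    'content.dropboxapi.com' => ['10.0.0.5'],   // simulates a name pointing into a private range
];
$resolver = fn(string $h): array => $fake_dns[$h] ?? [];

// Constructed sample inputs: the first is the only one that should pass.
$samples = [
    'https://www.dropbox.com/sh/abc/def?dl=1',
    'http://www.dropbox.com/sh/abc/def',
    'https://www.dropbox.com:8443/sh/abc',
    'https://www.dropbox.com@127.0.0.1/',
    'https://127.0.0.1:3306/',
    'https://content.dropboxapi.com/2/files/download',
    'not a url',
];
foreach ($samples as $u) {
    printf("%-50s %s\n", $u, is_safe_outbound_url($u, $resolver) ? 'allowed' : 'blocked');
}
```

Run it with plain `php` and only the first sample is reported as allowed. In a real plugin the check sits immediately before the HTTP call, and the call itself should be `wp_safe_remote_get()` rather than `wp_remote_get()`: WordPress core's safe variant runs `wp_http_validate_url()`, which already refuses loopback and private address ranges, so the per-feature allowlist above is an additional restriction on top of that baseline, not a replacement for it.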

Severity:

The vulnerability has a CVSS 3.1 score of 7.2, which is rated High. This means that the vulnerability is likely to be exploited and could have a significant impact on the affected system.

Affected Versions:

The vulnerability affects all versions of the Dropbox Folder Share Plugin.

Temporary Plugin Closure:

The Dropbox Folder Share Plugin has been temporarily closed as of September 12, 2023, pending a full security review. During this time, the plugin is not available for download or activation. It is essential to comply with this temporary closure and remove the plugin from your WordPress installation immediately.

Impact:

An attacker who successfully exploits this vulnerability could:

  • Obtain sensitive information about other services running on the system, such as database credentials, API keys, and other secrets.
  • Launch denial-of-service attacks against other services running on the system.
  • Exfiltrate data from the system.

Recommendation:

WordPress website administrators are strongly advised to take the following actions:

  1. Deactivate and Delete the Plugin: Users of the Dropbox Folder Share Plugin are strongly advised to deactivate and delete the plugin as soon as possible. This plugin has been closed as of September 12, 2023, and is not available for download. This closure is temporary, pending a full review.
  2. Seek Alternatives: Look for alternative plugins or solutions that provide similar functionality but do not have known security vulnerabilities.
  3. Stay Informed: Keep informed about security updates and vulnerabilities related to WordPress plugins and themes.