This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1: What is this vulnerability? (Essence + Consequences)
**Essence**: InPost Gallery < 2.1.4.1 has a path traversal / local file inclusion (LFI) vulnerability.
**Consequences**: Attackers can force the inclusion of malicious files or URLs, leading to **Remote Code Execution (RCE)** on the server. …
**Root Cause**: Insecure use of PHP's `extract()` function.
**Flaw**: When rendering HTML views, user input is not sanitized before extraction, so request parameters can overwrite local variables (variable injection), including the one that selects the file to include. …
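As an added illustration (hypothetical PHP, not the plugin's own code and not part of the original analysis), the following shows the `extract()`-on-request-data pattern described above next to a renderer that avoids it; the function names, view names and `views/` directory are assumptions.

```php
<?php
// Added illustration (hypothetical, not InPost Gallery's code): the extract()-on-request
// pattern behind the LFI, next to a renderer that does not expose the include path.

// Vulnerable pattern: every request key becomes a local variable, so a request can
// overwrite $template (or any other local) before the include runs.
function render_view_vulnerable(array $request): string
{
    $template = 'default';                 // intended value
    extract($request);                     // BUG: attacker-controlled variable injection
    ob_start();
    include __DIR__ . '/views/' . $template . '.php';   // path traversal / LFI sink
    return ob_get_clean();
}

// Hardened version: no extract(); read only the expected key, allow-list it, and
// confirm the resolved path still lies under the views directory.
function render_view_safe(array $request, array $data = []): string
{
    $allowed = ['default', 'grid', 'slider'];          // assumed view names
    $name = $request['view'] ?? 'default';
    if (!is_string($name) || !in_array($name, $allowed, true)) {
        $name = 'default';
    }
    $viewsDir = realpath(__DIR__ . '/views');
    $path = $viewsDir === false ? false : realpath($viewsDir . '/' . $name . '.php');
    // Defence in depth: refuse anything that resolves outside views/ (symlinks included)
    if ($path === false || strpos($path, $viewsDir . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('Unknown view');
    }
    ob_start();
    // The view receives its data as one explicit array; nothing from $request is in scope.
    (static function (string $viewPath, array $data): void {
        include $viewPath;
    })($path, $data);
    return ob_get_clean();
}

// Constructed check: a traversal-style value is ignored by the hardened renderer
// (it falls back to 'default', and a missing views/default.php raises the exception).
try {
    echo render_view_safe(['view' => '../../wp-config'], ['title' => 'Gallery']);
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

A code review or grep for `extract($_GET`, `extract($_POST` and `extract($_REQUEST` in plugin code is a quick way to find the same anti-pattern elsewhere.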
**Exploitation threshold**: **LOW**.
**Auth**: Unauthenticated (no credentials required).
**Config**: Exploitable via standard HTTP requests to the plugin's HTML rendering endpoints. Easy to trigger.
Q6: Is there a public exploit? (PoC / in-the-wild exploitation)
**Public exploit?**: **YES**.
**Tools**:
1. **INPGer**: automatic mass checking tool (GitHub: im-hanzou).
2. **Nuclei**: template available (projectdiscovery). …
**Self-Check**:
1. Scan for the installed InPost Gallery plugin version.
2. Use **Nuclei** with the CVE-2022-4063 template.
3. Check for LFI indicators in HTTP responses.
4. …
**Fixed?**: **YES**.
**Patch**: Update InPost Gallery to version **2.1.4.1 or later**.
**Mitigation**: The official update resolves the insecure `extract()` usage.
Q9: What if there is no patch? (Workaround)
**No patch?**:
1. **Disable/remove** the InPost Gallery plugin immediately.
2. Restrict access to WordPress admin/plugin endpoints via a WAF.
3. Monitor logs for LFI/RCE attempts.
Critical workaround.
Q10: Is it urgent? (Priority suggestion)
**Urgency**: **CRITICAL**.
**Priority**: **P0 - Immediate action**.
**Reason**: Unauthenticated RCE + public PoCs + high impact. Patch immediately or disable the plugin. Time-sensitive.