一、 漏洞 CVE-2025-3515 基础信息
漏洞信息
                                        # Contact Form 7 <=1.3.8.9 任意文件上传漏洞

## 漏洞概述
Drag and Drop Multiple File Upload for Contact Form 7 插件存在任意文件上传漏洞,攻击者可以通过绕过黑名单上传 `.phar` 或其他危险文件类型,进而实现远程代码执行。

## 影响版本
所有版本,包括 1.3.8.9 及之前版本。

## 漏洞细节
- **问题根源**:文件类型验证不足。
- **攻击场景**:未认证的攻击者可以绕过黑名单上传 `.phar` 或其他危险文件。
- **利用条件**:服务器配置为处理 `.phar` 文件为可执行 PHP 脚本时,特别是在默认的 Apache+mod_php 配置下,文件扩展名在传递到 PHP 解释器之前不会进行严格的验证。

## 影响
在配置为处理 `.phar` 文件为可执行 PHP 脚本的服务器上,该漏洞可能导致远程代码执行。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks
来源:美国国家漏洞数据库 NVD
漏洞描述信息
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and upload .phar or other dangerous file types on the affected site's server, which may make remote code execution possible on the servers that are configured to handle .phar files as executable PHP scripts, particularly in default Apache+mod_php configurations where the file extension is not strictly validated before being passed to the PHP interpreter.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
来源:美国国家漏洞数据库 NVD
漏洞类别
危险类型文件的不加限制上传
来源:美国国家漏洞数据库 NVD
漏洞标题
WordPress plugin Drag and Drop Multiple File Upload for Contact Form 代码问题漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Drag and Drop Multiple File Upload for Contact Form 7 1.3.8.9及之前版本存在代码问题漏洞,该漏洞源于文件类型验证不足,可能导致未经验证攻击者上传.phar等危险文件类
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
代码问题
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2025-3515 的公开POC
# POC 描述 源链接 神龙链接
1 CVE‑2025‑3515 — Drag and Drop Multiple File Upload for Contact Form 7 https://github.com/Professor6T9/CVE-2025-3515 POC详情
2 WordPress File Upload RCE Exploit https://github.com/blueisbeautiful/CVE-2025-3515 POC详情
3 CVE-2025-3515 WordPress lab for Drag and Drop Multiple File Upload for CF7: Dockerized PoC & Nuclei testing https://github.com/ImBIOS/lab-cve-2025-3515 POC详情
4 The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and upload .phar or other dangerous file types on the affected site's server, which may make remote code execution possible on the servers that are configured to handle .phar files as executable PHP scripts, particularly in default Apache+mod_php configurations where the file extension is not strictly validated before being passed to the PHP interpreter. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-3515.yaml POC详情
5 🛠️ Reproduce and validate CVE-2025-3515 in a Dockerized WordPress lab to test unrestricted file uploads via the Contact Form 7 plugin. https://github.com/MrSoules/lab-cve-2025-3515 POC详情
6 WordPress File Upload RCE Exploit https://github.com/brokendreamsclub/CVE-2025-3515 POC详情
三、漏洞 CVE-2025-3515 的情报信息

  • 标题: Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks -- 🔗来源链接

    标签:

    神龙速读
    Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks

  • 标题: dnd-upload-cf7.php in drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.8.8/inc – WordPress Plugin Repository -- 🔗来源链接

    标签:

    dnd-upload-cf7.php in drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.8.8/inc – WordPress Plugin Repository

  • 标题: Changeset 3310153 – WordPress Plugin Repository -- 🔗来源链接

    标签:

    神龙速读
    Changeset 3310153 – WordPress Plugin Repository
  • https://nvd.nist.gov/vuln/detail/CVE-2025-3515
四、漏洞 CVE-2025-3515 的评论

暂无评论

发表评论