A high-severity vulnerability has been identified in the GI-Media Library plugin for WordPress. This flaw allows an unauthenticated attacker to bypass security measures and read sensitive files on the server, such as configuration files containing database credentials. Successful exploitation could lead to the exposure of confidential information and potentially a full compromise of the website.

The vulnerability is a Directory Traversal, also known as Path Traversal. The GI-Media Library plugin fails to properly validate or sanitize user-supplied input that is used to construct file paths on the server. An unauthenticated remote attacker can exploit this by crafting a malicious request containing "dot-dot-slash" (../) sequences. By manipulating a parameter in an HTTP request to the plugin, the attacker can navigate outside of the intended web root directory and access or download arbitrary files from the server's filesystem, such as wp-config.php or /etc/passwd.

This vulnerability is rated as High severity with a CVSS score of 7.5. Successful exploitation could lead to a significant data breach by allowing an attacker to read sensitive files directly from the server. The primary risk is the exposure of critical configuration files like wp-config.php, which contain database credentials. An attacker gaining these credentials could access, modify, or delete all website data, leading to intellectual property theft, exposure of user information, and severe reputational damage. This information can also be used as a foothold for further attacks against the underlying server and internal network.

Immediate Action: Immediately update the GI-Media Library plugin to the latest available version (3.0 or higher), which addresses this vulnerability. If the plugin is not actively used or required for business operations, the recommended course of action is to deactivate and completely remove it from the WordPress installation to eliminate the attack surface.

Proactive Monitoring: Monitor web server access logs for requests targeting the GI-Media Library plugin that contain directory traversal patterns such as ../, ..%2f, or their encoded variants. Implement a File Integrity Monitoring (FIM) solution to generate alerts upon unauthorized access attempts to critical files like wp-config.php.

Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with rules specifically designed to detect and block directory traversal attack patterns. Additionally, review and harden file system permissions to ensure the web server's user account has the most restrictive access necessary and cannot read files outside of the web root directory.

Public Exploit Available: true

Given the High severity (CVSS 7.5) of this vulnerability and the availability of public exploit code, we strongly recommend immediate remediation. The risk of sensitive data exposure is significant. The primary action is to update the GI-Media Library plugin to a patched version or remove it entirely if it is not essential. Although this CVE is not on the CISA KEV list, its simplicity and the potential impact of a successful attack warrant urgent attention. Organizations should prioritize patching this vulnerability to prevent a potential data breach.