CVE-2025-12171
WordPress · WordPress RESTful Content Syndication plugin
Executive summary
A high-severity vulnerability has been identified in the RESTful Content Syndication plugin for WordPress. This flaw allows an attacker to upload malicious files, such as web shells, to a vulnerable website, which can lead to a complete system compromise. Due to the lack of file type verification, an attacker can bypass security checks and execute arbitrary code, enabling them to steal data, deface the website, or use the server for further attacks.
Vulnerability
The vulnerability exists within the ingest_image() function of the RESTful Content Syndication plugin. This function is responsible for handling image uploads but fails to properly validate the type of file being uploaded. An attacker can exploit this flaw by crafting a request to upload a malicious script (e.g., a PHP web shell) disguised as an image. Because the server does not check the file extension or content, it saves the malicious file, allowing the attacker to execute it by accessing the file's URL, resulting in remote code execution on the web server.
Business impact
This vulnerability is rated as High severity with a CVSS score of 8.8. Successful exploitation could lead to a complete compromise of the affected website and the underlying server. Potential consequences include theft of sensitive data such as customer information and business records, website defacement causing significant reputational damage, and financial loss due to downtime and incident response costs. The compromised server could also be used as a pivot point to launch further attacks against the organization's internal network.
Remediation
Immediate Action: Update the RESTful Content Syndication plugin to the latest patched version provided by the vendor without delay. If the plugin is not critical to business operations, the recommended course of action is to disable and completely remove it to eliminate the attack surface.
Proactive Monitoring: Monitor web server access logs for unusual POST requests to the plugin's endpoints, specifically looking for uploads of non-image files (e.g., .php, .phtml, .sh). Implement file integrity monitoring on the WordPress uploads directory to detect the creation of suspicious files. Monitor for any anomalous outbound network traffic from the web server, which could indicate a successful compromise.
Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with rules to block file uploads containing malicious extensions to the vulnerable endpoint. Additionally, harden server permissions to prevent script execution in the uploads directory. Disabling the plugin remains the most effective temporary mitigation if it cannot be patched or removed.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high severity (CVSS 8.8) of this vulnerability and its potential to allow for a full system compromise, we strongly recommend immediate action. Organizations utilizing the RESTful Content Syndication plugin must treat this as a critical priority and apply the vendor-supplied patch without delay. While this CVE is not currently on the CISA KEV list, its impact makes it a likely candidate for future inclusion. If the plugin cannot be updated, it should be disabled and removed immediately to mitigate the risk.