CVE-2025-13322
WordPress · WordPress WP AUDIO GALLERY Plugin
A high-severity vulnerability has been identified in the WP AUDIO GALLERY plugin for WordPress, affecting all versions up to and including version 2.
Executive summary
A high-severity vulnerability has been identified in the WP AUDIO GALLERY plugin for WordPress, affecting all versions up to and including version 2. The flaw allows an attacker to delete any file on the hosting server that the web server process has permission to remove, which can lead to a complete site outage, data loss, or opportunities for further system compromise. Organizations using this plugin are at significant risk of business disruption and should take immediate action to remediate.
Vulnerability
The vulnerability exists because a function that manages the plugin's audio files does not adequately validate the file path it is given before deleting it. An attacker can supply a path containing traversal sequences (e.g., ../../..) so that the deletion lands outside the plugin's intended directory. Any file the web server process is permitted to delete is reachable this way, including wp-config.php and .htaccess in the site root. Deleting wp-config.php takes the site offline and causes WordPress to present its installation wizard on the next request, which is why arbitrary file deletion in WordPress is treated as a route to further compromise rather than only a denial of service; deleting .htaccess removes any access restrictions or hardening rules defined there.
Business impact
This vulnerability is rated as High severity with a CVSS score of 8.1. Exploitation could lead to severe business consequences, including a complete denial of service if critical application files are deleted, resulting in website downtime, revenue loss, and reputational damage. Deleting configuration files such as .htaccess could also strip access restrictions and hardening rules, exposing the server to further attacks. In a worst-case scenario, an attacker could delete backups or other critical data stored on the same server in locations the web server user can write to, leading to permanent data loss if external backups are not available.
Remediation
Immediate Action:
- Take a full backup of the website files and database before applying any updates or changes, and store it off the affected server.
- Update the "WP AUDIO GALLERY" plugin to the latest version provided by the vendor, after confirming from the vendor's changelog that the release addresses this issue.
- If the plugin is not essential for business operations, deactivate and completely remove it to eliminate this attack vector.
Proactive Monitoring:
- Monitor web server access logs for requests targeting the WP AUDIO GALLERY plugin's functions that contain path traversal patterns such as ../ or ..%2f. Decode the request before matching: attackers commonly use double-encoded (..%252f), mixed (%2e%2e/) and backslash (..\) variants, as well as forms like ....// that survive a naive "strip ../" filter.
- Implement File Integrity Monitoring (FIM) to generate alerts for any unauthorized deletion or modification of critical files, especially wp-config.php, .htaccess, index.php and other core WordPress files.
- Monitor for unexpected website errors or 5xx server responses, as these can indicate a successful attack in which a critical file has been deleted. A site that suddenly serves the WordPress installation wizard is a strong sign that wp-config.php is gone.
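The log check described in the first monitoring bullet, as an added Python illustration (not tooling from this page): it parses Apache combined-format lines, percent-decodes the request target repeatedly so single- and double-encoded traversal survives normalization, treats backslash separators like forward slashes, and flags any request whose target contains a path segment made only of dots. The plugin path slug, the wpag_ AJAX action prefix and every log line are constructed assumptions.

```python
"""Flag path-traversal attempts in web server access logs. Added illustration;
the plugin slug, the AJAX action prefix and the sample log are constructed."""
import re
from urllib.parse import unquote

# Assumed markers that tie a request to the plugin: its directory, or an
# admin-ajax action name with an assumed prefix.
PLUGIN_MARKERS = ("/wp-content/plugins/wp-audio-gallery/", "action=wpag_")

# A path/query segment consisting solely of two or more dots: '..', '....' etc.
# Boundaries are start, '/', '?', '=' or '&', so '=../' in a query string counts.
TRAVERSAL = re.compile(r"(?:^|[/?=&])\.{2,}(?:[/?=&]|$)")

# Apache combined log format; only the fields needed here are captured.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log: lines 2, 3, 4, 6 and 7 are attacks; 1, 5 and 8 are benign.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jan/2025:10:00:01 +0000] "GET /wp-content/plugins/wp-audio-gallery/css/style.css HTTP/1.1" 200 512
203.0.113.8 - - [10/Jan/2025:10:00:02 +0000] "POST /wp-admin/admin-ajax.php?action=wpag_delete_audio&file=../../../wp-config.php HTTP/1.1" 200 12
203.0.113.8 - - [10/Jan/2025:10:00:03 +0000] "GET /wp-content/plugins/wp-audio-gallery/delete.php?file=..%2f..%2f..%2fwp-config.php HTTP/1.1" 200 12
203.0.113.8 - - [10/Jan/2025:10:00:04 +0000] "GET /wp-content/plugins/wp-audio-gallery/delete.php?file=..%252f..%252f..%252f.htaccess HTTP/1.1" 200 12
198.51.100.4 - - [10/Jan/2025:10:00:05 +0000] "GET /index.php?p=1 HTTP/1.1" 200 8192
203.0.113.9 - - [10/Jan/2025:10:00:06 +0000] "GET /wp-content/plugins/wp-audio-gallery/delete.php?file=....//....//....//wp-config.php HTTP/1.1" 200 12
203.0.113.9 - - [10/Jan/2025:10:00:07 +0000] "GET /wp-content/plugins/other-plugin/x.php?path=..%5c..%5cwindows%5cwin.ini HTTP/1.1" 404 0
198.51.100.5 - - [10/Jan/2025:10:00:08 +0000] "GET /wp-content/uploads/2025/01/my..song.mp3 HTTP/1.1" 200 4096
"""


def decode_repeatedly(s, rounds=3):
    """Percent-decode until stable (bounded), so %252f -> %2f -> / is caught."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def scan(log_text):
    """Return one record per request whose normalized target contains a
    traversal segment, tagged with whether it touches the plugin."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        m = LOG_LINE.match(line)
        if not m:
            continue
        target = decode_repeatedly(m["target"]).replace("\\", "/")
        if not TRAVERSAL.search(target):
            continue
        scope = "plugin" if any(mk in target for mk in PLUGIN_MARKERS) else "other"
        hits.append({"line": lineno, "ip": m["ip"], "status": int(m["status"]),
                     "scope": scope, "target": target})
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"line {hit['line']}: {hit['ip']} [{hit['scope']}] {hit['status']} {hit['target']}")
```

Matching on the decoded target is the point: a rule that looks only for the literal string ../ misses lines 3, 4 and 7 above, and a rule that requires ../ as the exact sequence misses the ....// form on line 6.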
Compensating Controls:
- Deploy a Web Application Firewall (WAF) with rulesets designed to detect and block path traversal attacks, and make sure the rules are applied to the decoded request so encoded variants are not missed.
- Enforce strict file system permissions so the web server user cannot delete critical files. On Unix-like systems deletion (unlink) is governed by write permission on the containing directory, not on the file itself, so marking wp-config.php read-only does not by itself prevent it from being deleted: the site root must not be writable by the web server user, or the file can be made immutable (chattr +i on Linux filesystems that support it) until the next maintenance window.
- If patching is not immediately possible, temporarily disable the vulnerable plugin until a maintenance window is available.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high CVSS score of 8.1 and the critical impact of a successful exploit, we recommend immediate remediation. All organizations using the WP AUDIO GALLERY plugin should treat this as a high-priority vulnerability and apply the necessary updates or remove the plugin without delay. Although this CVE is not currently listed on the CISA KEV catalog, its potential to cause a complete denial of service warrants urgent attention to prevent significant business disruption.