CVE-2026-4882

WordPress · User Registration Advanced Fields

The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads, potentially leading to remote code execution.

Executive summary

A critical arbitrary file upload vulnerability in the User Registration Advanced Fields WordPress plugin allows unauthenticated remote code execution.

Vulnerability

The URAF_AJAX::method_upload function does not validate the file type of profile picture uploads before writing them to the server. Because the endpoint is reachable without authentication, an unauthenticated attacker can upload files of arbitrary types, including web shells, to the server.

Business impact

With a CVSS score of 9.8, the ability to execute arbitrary code on the server provides an attacker with full control over the web application and the underlying server environment, leading to data theft and further network compromise.

Remediation

Immediate Action: Update the User Registration Advanced Fields plugin to the latest version.

Proactive Monitoring: Scan the site's uploads directory for suspicious files or scripts that deviate from standard media formats.

Compensating Controls: Use a WAF to block unauthorized file uploads, and configure the web server to deny execution of PHP scripts within the uploads directory so that an uploaded script cannot be run even if it reaches disk.
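The scan described under Proactive Monitoring, as an added example that is not part of the advisory: a POSIX shell script that walks an uploads directory and reports files that carry a server-side script extension, contain a PHP open tag despite a media extension, or fall outside a short allow-list of media types. The default uploads path and the allow-list are assumptions; adjust both to the site.

```shell
#!/bin/sh
# Added example: walk a WordPress uploads tree and flag files that do not look
# like ordinary media. Three checks, in order:
#   1. a server-side script extension (matched case-insensitively)
#   2. a PHP open tag in the first 4 KiB, whatever the extension claims
#   3. an extension outside a short allow-list of media/document types
# Output: one "path<TAB>reason" line per flagged file; no output means clean.
# The default uploads path below is an assumption; pass the real one as $1.

check_file() {
    f="$1"
    lower=$(printf '%s' "$f" | tr 'A-Z' 'a-z')
    case "$lower" in
        *.php|*.phtml|*.php[3-8]|*.phar|*.phps|*.inc|*.cgi|*.pl|*.py|*.sh)
            printf '%s\tscript-extension\n' "$f"; return ;;
    esac
    # -a makes grep treat binary image data as text so the check runs on every file.
    if head -c 4096 "$f" | grep -aqE '<\?php|<\?='; then
        printf '%s\tphp-tag-in-body\n' "$f"; return
    fi
    case "$lower" in
        *.jpg|*.jpeg|*.png|*.gif|*.webp|*.svg|*.ico|*.pdf|*.mp3|*.mp4|*.txt) ;;
        *) printf '%s\tunexpected-extension\n' "$f" ;;
    esac
}

scan_uploads() {
    dir="${1:-/var/www/html/wp-content/uploads}"   # assumed default location
    find "$dir" -type f | while IFS= read -r f; do
        check_file "$f"
    done
    return 0
}

# Run directly: sh scan.sh /path/to/wp-content/uploads
if [ $# -gt 0 ]; then
    scan_uploads "$1"
fi
```

A dotfile such as .htaccess in uploads is reported as unexpected-extension, which is intended: a stray .htaccess there can re-enable script execution and deserves the same review.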

Exploitation status

Public Exploit Available: No

Analyst recommendation

This vulnerability is highly critical due to the potential for remote code execution. Administrators should update the plugin immediately and audit the file system for signs of unauthorized file uploads.