CVE-2023-43835 in Super Store Finder
Summary
by MITRE • 10/25/2023
Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 02/07/2026
The Super Store Finder plugin for WordPress versions 3.7 and below contains a critical vulnerability that allows authenticated attackers to inject arbitrary PHP code through a configuration file overwrite mechanism. This vulnerability falls under the CWE-94 category of Improper Control of Generation of Code, specifically manifesting as an arbitrary code injection flaw that can be exploited to achieve remote code execution on the affected system. The vulnerability exists within the plugin's administrative settings handling functionality where user input is not properly sanitized before being written to the config.inc.php file.
The technical exploitation of this vulnerability requires an authenticated user account with sufficient privileges to access the plugin's administrative interface. Once authenticated, the attacker can manipulate the settings parameters to inject malicious PHP code that gets written to the config.inc.php file. This file overwrite operation bypasses normal input validation mechanisms and allows the attacker to execute arbitrary code on the target server with the privileges of the web application. The vulnerability is particularly dangerous because it leverages legitimate administrative functionality to achieve unauthorized code execution, making it difficult to detect through standard security monitoring.
The operational impact of this vulnerability extends beyond simple code execution to encompass complete system compromise. An attacker who successfully exploits this vulnerability can gain full control over the WordPress installation, potentially leading to data theft, service disruption, or use as a pivot point for attacking other systems within the network. The attack vector is particularly concerning because it does not require specialized tools or techniques beyond normal administrative access, making it accessible to attackers with basic privileges. This vulnerability also represents a significant risk to organizations that rely on WordPress plugins for business-critical applications, as the compromise of a single plugin can lead to widespread system compromise.
Mitigation strategies for this vulnerability should include immediate patching of the Super Store Finder plugin to version 3.8 or later, which addresses the configuration file overwrite issue through proper input sanitization and validation. Organizations should also implement network segmentation and access controls to limit administrative privileges, ensuring that only trusted users have access to plugin settings. Additionally, regular security audits of installed plugins and themes should be conducted to identify and remediate similar vulnerabilities. The ATT&CK framework categorizes this vulnerability under T1059.007 for Windows Command Shell and T1566.001 for Phishing, as the attack chain typically involves gaining initial access through social engineering or credential compromise before exploiting the administrative interface. System administrators should also implement file integrity monitoring to detect unauthorized changes to critical configuration files and establish robust backup procedures to quickly restore compromised systems.