CVE-2024-9047

Oct 13, 2024

Published Date: 2024-10-12T07:15:02.170
Last Modified: 2024-10-12T07:15:02.170

CVSS Score: 9.8 (CRITICAL)

EPSS Score: N/A

Risk Score: N/A

The Risk Score is derived from the CVSS score and the EPSS score. It is provided for reference only and is not an internationally recognized metric.


Description: The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier.

MITRE ATT&CK Technique (v15.1)

T1053.002 – At

Technical Analysis & Mitigation Measures

1. Technical Attack Analysis:
– Attack Techniques:
– Path Traversal: The vulnerability lets an attacker manipulate the file path handled by wfu_file_downloader.php so that it resolves outside the intended directory, leading to unauthorized file reading or deletion.
– Exploitation: An unauthenticated user could exploit this to read sensitive files (e.g., configuration files, user data) or delete critical files, potentially causing denial of service or data loss.
– Conditions for Exploitation: Successful exploitation requires the targeted WordPress installation to be running PHP 7.4 or earlier, which limits the exposed population to sites on those PHP versions.

2. Mitigation Measures:
– Update the WordPress File Upload plugin to the latest version.
– Upgrade PHP to a version above 7.4.
– Implement strict file permission controls on the server.
– Use a web application firewall (WAF) to detect and block malicious requests.
– Regularly audit and monitor server logs for suspicious activity.
– Disable unused plugins and themes to reduce attack vectors.
– Educate users on safe file upload practices.
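To support the log-auditing measure above, here is an added example (not part of this page or of the plugin) that scans Apache-style access-log lines for requests to wfu_file_downloader.php whose query parameters contain a directory-traversal sequence, including percent-encoded and double-encoded forms. The log lines are constructed samples; the plugin directory prefix and the `file` parameter name are assumptions, only the script file name comes from the advisory.

```python
import re
from urllib.parse import parse_qsl, unquote, urlparse

# Constructed sample access-log lines (not real traffic). The directory prefix
# and the "file" parameter name are assumed; wfu_file_downloader.php is from the advisory.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Oct/2024:07:15:02 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 1843
198.51.100.7 - - [12/Oct/2024:07:16:10 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=report.pdf HTTP/1.1" 200 52310
192.0.2.9 - - [12/Oct/2024:07:17:44 +0000] "GET /index.php?p=1 HTTP/1.1" 200 9911
203.0.113.5 - - [12/Oct/2024:07:18:01 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=%252e%252e%2F%252e%252e%2Fetc%2Fpasswd HTTP/1.1" 200 2107
"""

# Common Log Format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A ".." path component, with either slash style, at the start, middle or end of a value.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')

def fully_decode(value: str, max_rounds: int = 3) -> str:
    """Undo repeated percent-encoding so %252e%252e is seen as '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_suspicious(target: str) -> bool:
    """True if the request targets the downloader and any query value traverses directories."""
    parsed = urlparse(target)
    if not parsed.path.endswith("/wfu_file_downloader.php"):
        return False
    for _name, raw in parse_qsl(parsed.query, keep_blank_values=True):
        if TRAVERSAL_RE.search(fully_decode(raw)):
            return True
    return False

def scan_log(text: str) -> list:
    """Return one record per suspicious request; a 200 status means the file was likely served."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and is_suspicious(m["target"]):
            hits.append({"ip": m["ip"], "ts": m["ts"],
                         "target": m["target"], "status": int(m["status"])})
    return hits

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["ip"]} {hit["status"]} {hit["target"]}')
```

A successful (200) hit on a host still running PHP 7.4 or earlier should be treated as a likely read of a file outside the upload directory and investigated as an incident, not just blocked.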

The content above is generated by AI. Please review and consider carefully before applying!

Reference Links

Vendor - Product - Version

None

Disclaimer

The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.