Kostenlos scannen
HIGHCVE-2024-10011CVSS 8.1

BuddyPress <= 14.1.0 - Authenticated (Subscriber+) Directory Traversal

Plattform

wordpress

Komponente

buddypress

Behoben in

14.1.1

AI Confidence: highNVDEPSS 1.3%Geprüft: Mai 2026
Auf NVD ansehen
Speichern
Wird in Ihre Sprache übersetzt…

CVE-2024-10011 is a Directory Traversal vulnerability discovered in the BuddyPress plugin for WordPress. This flaw allows authenticated attackers with Subscriber-level access or higher to access files outside the intended directory, potentially leading to sensitive data exposure or malicious file uploads. The vulnerability impacts versions of BuddyPress up to and including 14.1.0, and is specifically observed on Windows systems. A patch is available.

WordPress

Erkenne diese CVE in deinem Projekt

Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.

Kostenlos scannen

Auswirkungen und Angriffsszenarien

The primary impact of CVE-2024-10011 is the potential for unauthorized file access and manipulation. An attacker, having Subscriber-level access or greater within a WordPress site using BuddyPress, can exploit the id parameter to traverse directories and access sensitive files. This could include configuration files, source code, or even system files, depending on server permissions. The ability to upload files outside the web root presents a significant risk, as attackers could potentially place malicious code or files in locations that are not normally accessible, but could still be executed by the server. The vulnerability is limited to Windows environments, which may reduce the overall attack surface but still poses a serious threat to Windows-based WordPress deployments.

Ausnutzungskontext

CVE-2024-10011 was publicly disclosed on 2024-10-25. There is no indication of active exploitation campaigns or a KEV listing at the time of this writing. Public proof-of-concept exploits are not yet widely available, but the vulnerability's nature makes it likely that such exploits will emerge. The EPSS score is currently unknown, but the ease of exploitation and potential impact suggest a medium to high probability of exploitation if left unpatched.

Wer Ist Gefährdetwird übersetzt…

WordPress websites utilizing the BuddyPress plugin, particularly those running on Windows servers, are at risk. Shared hosting environments where users have Subscriber-level access or higher are also particularly vulnerable, as attackers can leverage this privilege to exploit the flaw. Legacy WordPress installations with outdated BuddyPress versions are also at increased risk.

Erkennungsschrittewird übersetzt…

• wordpress / composer / npm:

grep -r 'id=../' /var/www/html/wp-content/plugins/buddypress/*

• generic web:

curl -I 'http://your-wordpress-site.com/wp-content/plugins/buddypress/?id=../etc/passwd' # Check for file disclosure

Angriffszeitlinie

  1. Disclosure

    disclosure

Bedrohungsanalyse

Exploit-Status

Proof of ConceptUnbekannt
CISA KEVNO
Internet-ExponierungHoch

EPSS

1.31% (80% Perzentil)

CISA SSVC

Ausnutzungnone
Automatisierbarno
Technische Auswirkungtotal

CVSS-Vektor

BEDROHUNGSANALYSE· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N8.1HIGHAttack VectorNetworkWie der Angreifer das Ziel erreichtAttack ComplexityLowBedingungen zur erfolgreichen AusnutzungPrivileges RequiredLowErforderliche AuthentifizierungsstufeUser InteractionNoneOb ein Opfer eine Aktion ausführen mussScopeUnchangedAuswirkungen über die Komponente hinausConfidentialityHighRisiko der Offenlegung sensibler DatenIntegrityHighRisiko nicht autorisierter DatenänderungAvailabilityNoneRisiko der Dienstunterbrechungnextguardhq.com · CVSS v3.1 Basis-Score
Was bedeuten diese Metriken?
Attack Vector
Netzwerk — aus der Ferne über das Internet ausnutzbar. Kein physischer oder lokaler Zugriff erforderlich.
Attack Complexity
Niedrig — keine besonderen Bedingungen erforderlich. Zuverlässig ausnutzbar.
Privileges Required
Niedrig — jedes gültige Benutzerkonto ist ausreichend.
User Interaction
Keine — automatischer und lautloser Angriff. Das Opfer tut nichts.
Scope
Unverändert — Auswirkung auf das anfällige Komponente beschränkt.
Confidentiality
Hoch — vollständiger Vertraulichkeitsverlust. Angreifer kann alle Daten lesen.
Integrity
Hoch — Angreifer kann beliebige Daten schreiben, ändern oder löschen.
Availability
Keine — kein Verfügbarkeitseinfluss.

Betroffene Software

Komponentebuddypress
Herstellerbuddypress
Betroffener BereichBehoben in
* – 14.1.014.1.1

Paketinformationen

Aktive Installationen
100KBeliebt
Plugin-Bewertung
4.1
Erfordert WordPress
6.1+
Kompatibel bis
6.8.5
Erfordert PHP
5.6+
Website

Schwachstellen-Klassifikation (CWE)

CWE-22

Zeitleiste

  1. Reserviert
  2. Veröffentlicht
  3. EPSS aktualisiert
Kein Patch — 576 Tage seit Offenlegung

Mitigation und Workarounds

The primary mitigation for CVE-2024-10011 is to upgrade BuddyPress to a patched version. The vendor has not released a specific fixed version in the provided data, so monitor the official BuddyPress website and WordPress plugin repository for updates. As an interim measure, implement a Web Application Firewall (WAF) rule to block requests containing suspicious directory traversal patterns in the id parameter. Specifically, look for sequences like ../ or absolute paths. Additionally, review file permissions on the server to ensure that the BuddyPress plugin directory and its contents have the minimum necessary permissions. After upgrading, confirm the fix by attempting to access files outside the intended directory using a test account with Subscriber-level access.

So behebenwird übersetzt…

Actualice el plugin BuddyPress a la última versión disponible. Esto solucionará la vulnerabilidad de recorrido de directorios. Si no puede actualizar, considere desactivar el plugin hasta que pueda realizar la actualización.

CVE-Sicherheitsnewsletter

Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.

Häufig gestellte Fragenwird übersetzt…

What is CVE-2024-10011 — Directory Traversal in BuddyPress?

CVE-2024-10011 is a Directory Traversal vulnerability affecting BuddyPress versions up to 14.1.0. It allows authenticated attackers to access files outside the intended directory, potentially leading to data exposure or malicious file uploads.

Am I affected by CVE-2024-10011 in BuddyPress?

You are affected if you are using BuddyPress version 14.1.0 or earlier, and your WordPress installation is on a Windows server. Check your plugin version and upgrade immediately if vulnerable.

How do I fix CVE-2024-10011 in BuddyPress?

Upgrade BuddyPress to the latest available version. Monitor the WordPress plugin repository for updates. Implement WAF rules to block suspicious requests as a temporary workaround.

Is CVE-2024-10011 being actively exploited?

As of now, there are no confirmed reports of active exploitation, but it's crucial to apply the patch promptly to prevent potential attacks.

Where can I find the official BuddyPress advisory for CVE-2024-10011?

Refer to the official WordPress plugin repository and BuddyPress project website for updates and advisories related to CVE-2024-10011.

Ist dein Projekt betroffen?

Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.

Kostenlos scannenCVEs suchen