Platform: wordpress
Component: eduadmin-booking
Fixed in: 5.2.1
CVE-2024-54373 describes a Path Traversal vulnerability within the EduAdmin Booking plugin for WordPress. This vulnerability allows an attacker to include arbitrary files on the server, potentially leading to sensitive data disclosure or even remote code execution. The vulnerability impacts versions of EduAdmin Booking up to and including 5.2.0, and a patch has been released in version 5.2.1.
The path traversal lets a request escape the directory the plugin intends to serve files from and include a file elsewhere on the server. Reading is the immediate consequence: wp-config.php with the database credentials, or any other file the web server user can open. Code execution follows only if the attacker can also get PHP source into a file that the include will pick up (an uploaded file, a poisoned log or session file), which is the usual LFI-to-RCE path. From there the impact depends on server configuration and the privileges of the web server user: the attacker controls the WordPress instance and can attempt to move on to other hosts reachable from it. The mechanics are those of any Local File Inclusion (LFI) bug: path manipulation to reach resources that were never meant to be selectable.
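As an added illustration of the bug class (Python, written for this page; it is not the plugin's PHP and not derived from its source, which this page does not show), the pattern behind most LFI findings: a naive filter that strips "../" once is defeated by the "....//" spelling, while resolving the final path and checking that it still lies under the intended directory is not. Directory and file names, including the wp-config.php stand-in, are constructed for the example.

```python
import os
import tempfile


def naive_sanitize(user_path: str) -> str:
    """The weak filter found in many LFI bugs: remove "../" once.

    "....//" survives a single pass as "../", so the traversal still works.
    """
    return user_path.replace("../", "")


def resolve_in_base(base_dir: str, user_path: str) -> str:
    """Resolve user_path underneath base_dir and refuse anything that escapes it.

    realpath() collapses "..", symlinks and absolute paths before the containment
    check, so the decision is made on the path that would actually be opened.
    Nothing is stripped, so a "....//" component is just a directory literally
    named "...." that does not exist.
    """
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"path escapes {base}: {user_path!r}")
    return target


def is_contained(base_dir: str, user_path: str) -> bool:
    """Boolean wrapper around resolve_in_base for the demo table below."""
    try:
        resolve_in_base(base_dir, user_path)
        return True
    except ValueError:
        return False


def demo() -> dict:
    """Build a throwaway tree (constructed for this example) and compare both approaches."""
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "plugin", "templates")
        os.makedirs(base)
        with open(os.path.join(base, "calendar.php"), "w") as fh:
            fh.write("<?php // legitimate template ?>\n")
        secret = os.path.realpath(os.path.join(root, "wp-config.php"))
        with open(secret, "w") as fh:
            fh.write("<?php define('DB_PASSWORD', 'example-only'); ?>\n")

        plain = "../../wp-config.php"          # two levels up from templates/
        bypass = "....//....//wp-config.php"   # same target, filter-evading spelling

        naive_bypass_target = os.path.realpath(
            os.path.join(base, naive_sanitize(bypass)))

        return {
            # the naive filter neutralises the obvious payload ...
            "naive_on_plain": naive_sanitize(plain),
            # ... but turns the "....//" payload into exactly the traversal it removed
            "naive_on_bypass": naive_sanitize(bypass),
            "naive_bypass_reaches_secret": naive_bypass_target == secret,
            # the containment check rejects escapes regardless of spelling
            "hardened_contains_plain": is_contained(base, plain),
            "hardened_contains_bypass": is_contained(base, bypass),  # inside base, nonexistent file
            "hardened_contains_absolute": is_contained(base, "/etc/passwd"),
            "hardened_contains_legit": is_contained(base, "calendar.php"),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The containment check is only as good as the base directory passed in: if the application later opens the returned path through a different root, or decodes the input again after the check, the guarantee is lost.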
CVE-2024-54373 was publicly disclosed on December 16, 2024. There is no indication of active exploitation in the wild and it is not listed in the CISA KEV catalog; the EPSS score of 0.18% (40th percentile) is correspondingly low. No public proof of concept is widely circulated, but an LFI needs nothing more than a crafted request once the vulnerable parameter is known, so the absence of a PoC offers little protection. The CVSS base score is 7.5 (High).
Any WordPress site running EduAdmin Booking at version 5.2.0 or earlier is exposed. Shared hosting deserves extra attention: where tenants run as the same system user or without open_basedir separation, a file read on one site can reach another site's wp-config.php. Sites that are rarely updated or that have no WAF in front of them are at increased risk because nothing stands between the request and the vulnerable code.
Checks:

• wordpress (WP-CLI): print the installed plugin version; anything at or below 5.2.0 is affected:
wp plugin get eduadmin-booking --field=version
• wordpress (WP-CLI): show status and version together. An inactive copy is still worth removing, because files under wp-content/plugins are reachable over HTTP whether or not the plugin is activated:
wp plugin list --name=eduadmin-booking --fields=name,status,version
• generic web: if the plugin's readme.txt is publicly readable (it usually is on a WordPress install), its "Stable tag" line gives the installed version without shell access:
curl -s https://your-wordpress-site.com/wp-content/plugins/eduadmin-booking/readme.txt | grep -i "stable tag"

Disclosure: December 16, 2024
Exploit status: no confirmed in-the-wild exploitation; not listed in the CISA KEV catalog
EPSS: 0.18% (40th percentile)
CVSS: 7.5 (High)
The primary mitigation for CVE-2024-54373 is to upgrade EduAdmin Booking to version 5.2.1 or later. If the upgrade has to wait for compatibility testing, reduce exposure in the meantime. A file inclusion flaw is a read-and-execute problem, so tightening write permissions on the plugin directory does nothing against it; what helps is limiting which files PHP may open at all, for example a PHP open_basedir restriction confined to the site's document root and its temp directory (test it first, since it breaks plugins that read outside that tree, and note that it does not protect wp-config.php, which lives inside the document root). Add a Web Application Firewall rule that blocks requests containing path traversal sequences, and make sure it matches after URL decoding: ../ is rarely sent literally, and %2e%2e%2f, double-encoded forms and the ....// spelling are the common bypasses. Review the web server access logs for such sequences and for PHP files being executed from locations where none should be. After upgrading, confirm the fix by checking the installed version (wp plugin get eduadmin-booking --field=version should report 5.2.1 or later); probing with a traversal request and looking for a 404 is not a reliable test, because the response depends on the endpoint and on how the web server normalizes the URL.
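The log review and WAF advice above leaves open what exactly to match on. As an added example (written for this page, not from the plugin vendor or any advisory), the following Python scans web server access log lines for traversal sequences in plain, URL-encoded, double-encoded, backslash and ....// forms. The log lines are constructed, and the file= query parameter is a placeholder: this page does not identify the vulnerable parameter.

```python
import re
from urllib.parse import unquote

# Common/combined log format: client, ident, user, [time], "METHOD target PROTO", status, size
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# ".." followed by a separator or the end of the string. This also fires on the
# "....//" form, because that string contains "../" starting at offset 2.
TRAVERSAL = re.compile(r"\.\.(?:[/\\]|$)")

# Constructed sample log. The "file=" parameter is a placeholder, not the
# plugin's real parameter name. 10.03:41 is a double-encoded payload.
SAMPLE_LOG = """\
203.0.113.5 - - [16/Dec/2024:10:01:02 +0000] "GET /wp-content/plugins/eduadmin-booking/readme.txt HTTP/1.1" 200 4312
203.0.113.9 - - [16/Dec/2024:10:02:15 +0000] "GET /index.php?file=../../../../wp-config.php HTTP/1.1" 200 1880
198.51.100.7 - - [16/Dec/2024:10:03:40 +0000] "GET /index.php?file=%2e%2e%2f%2e%2e%2fwp-config.php HTTP/1.1" 200 1880
198.51.100.7 - - [16/Dec/2024:10:03:41 +0000] "GET /index.php?file=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 2014
192.0.2.3 - - [16/Dec/2024:10:05:09 +0000] "GET /index.php?file=....//....//wp-config.php HTTP/1.1" 200 1880
192.0.2.8 - - [16/Dec/2024:10:06:00 +0000] "GET /wp-content/uploads/2024/12/what..is..this.pdf HTTP/1.1" 200 90211
"""


def normalize(target: str) -> str:
    """URL-decode until the string stops changing (bounded) and unify separators.

    A single decode misses %252e%252e%252f; a literal "../" match misses
    %2e%2e%2f. Repeated decoding catches both, which is what you want for
    triage even if the application itself would only have decoded once.
    """
    current = target
    for _ in range(4):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current.replace("\\", "/")


def is_traversal(target: str) -> bool:
    """True if the request target carries a traversal sequence in any decoded form."""
    decoded = normalize(target)
    if "\x00" in decoded:          # NUL bytes in a path only ever come from exploitation attempts
        return True
    return TRAVERSAL.search(decoded) is not None


def scan(lines):
    """Return one record per log line whose request target looks like traversal."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue                # not in the expected format, skip rather than guess
        target = m.group("target")
        if is_traversal(target):
            hits.append({
                "ip": m.group("ip"),
                "time": m.group("time"),
                "target": target,
                "decoded": normalize(target),
                "status": int(m.group("status")),
            })
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG.splitlines()):
        print(f'{hit["time"]} {hit["ip"]} {hit["status"]} {hit["decoded"]}')
```

A hit with status 200 is the one to chase, since the server answered the request rather than the WAF; a 403 usually means the rule fired. The same decode-then-match order is what a WAF rule needs: matching the literal string ../ misses every line in the sample except the first attacker request.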
Update the EduAdmin Booking plugin to the latest available version. The local file inclusion (LFI) vulnerability is fixed in versions after 5.2.0. Consult the plugin changelog for further details on the fix.
CVE-2024-54373 is a Path Traversal vulnerability in EduAdmin Booking allowing attackers to include arbitrary files, potentially leading to sensitive data exposure or remote code execution.
You are affected if you are using EduAdmin Booking version 5.2.0 or earlier. Upgrade to version 5.2.1 to mitigate the risk.
Upgrade EduAdmin Booking to version 5.2.1 or later. If an immediate upgrade is not possible, apply temporary workarounds: a WAF rule that blocks traversal sequences after URL decoding, and a PHP open_basedir restriction.
As of now there is no confirmed active exploitation, but an LFI is trivial to exploit once the vulnerable parameter is known, so treat unpatched installs as exposed.
Refer to the EduAdmin Booking website or plugin repository for the official advisory and release notes.