Platform: wordpress
Component: wpextended
Fixed in: 3.0.9
CVE-2024-8104 is a Directory Traversal vulnerability affecting the WP Extended WordPress plugin. This vulnerability allows authenticated attackers, with subscriber access or higher, to read arbitrary files on the server. Versions of the plugin up to and including 3.0.8 are affected. A patch is available, and users are strongly advised to upgrade immediately.
The Directory Traversal vulnerability in WP Extended allows an attacker with authenticated access (subscriber level or higher) to bypass the plugin's intended file access restrictions. By manipulating the downloadfileajax function, the attacker can craft requests that reach files outside the intended directory, which could expose sensitive configuration files, database credentials, or even source code. The resulting impact ranges from data breaches and unauthorized access to system resources to further compromise if the exposed data (such as credentials) is reused elsewhere; the ability to read arbitrary files significantly expands the attack surface.
CVE-2024-8104 was publicly disclosed on September 4, 2024. There are currently no known public exploits or active campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog at the time of writing. The relatively low complexity of the vulnerability suggests that a proof-of-concept may emerge, increasing the risk of exploitation.
Exploit Status
EPSS: 3.09% (87th percentile)
The primary mitigation is to upgrade to a version of WP Extended newer than 3.0.8, which contains the fix. If immediate upgrading is not possible, implement temporary workarounds. A Web Application Firewall (WAF) can be configured to block requests containing suspicious characters or patterns in the file path. Restrict file access permissions on the server to minimize the potential damage if the vulnerability is exploited. Regularly review WordPress plugin installations and remove any unused or outdated plugins. Implement robust access controls and authentication mechanisms to limit the number of users with elevated privileges.
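As an added illustration (this is not WP Extended's code; the action name, nonce, export directory and request parameter are assumptions), a WordPress AJAX download handler hardened against the traversal pattern described above: it requires a capability beyond subscriber, accepts only a bare file name, canonicalises the path with realpath, and refuses anything that resolves outside the export directory.

```php
<?php
// Added example, not the plugin's own code. Names below are assumptions.
add_action( 'wp_ajax_example_download_file', 'example_download_file' );

function example_download_file() {
    // Subscriber-level access was enough in the vulnerable version; require a
    // valid nonce and an administrative capability instead.
    check_ajax_referer( 'example_download_nonce', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 ); // wp_send_json_error() exits
    }

    // Downloads are confined to one directory under wp-content/uploads.
    $upload   = wp_upload_dir();
    $base_dir = realpath( trailingslashit( $upload['basedir'] ) . 'example-exports' );
    if ( false === $base_dir ) {
        wp_send_json_error( 'export directory missing', 500 );
    }

    // Accept only a bare file name: no directory separators, no "..", no NUL.
    $name = isset( $_GET['file'] ) ? (string) wp_unslash( $_GET['file'] ) : '';
    if ( '' === $name || $name !== basename( $name ) || false !== strpos( $name, "\0" ) ) {
        wp_send_json_error( 'invalid file name', 400 );
    }

    // Canonicalise (this also follows symlinks) and require the result to stay
    // strictly inside $base_dir; a symlink pointing elsewhere fails this check.
    $path = realpath( $base_dir . DIRECTORY_SEPARATOR . $name );
    if ( false === $path
        || 0 !== strpos( $path, $base_dir . DIRECTORY_SEPARATOR )
        || ! is_file( $path ) ) {
        wp_send_json_error( 'file not found', 404 );
    }

    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . basename( $path ) . '"' );
    header( 'Content-Length: ' . filesize( $path ) );
    readfile( $path );
    wp_die();
}
```

The prefix comparison against the realpath() result is the part that defeats traversal: it is applied after all "../" segments and symlinks are resolved, so pattern-based filtering of the raw parameter is only a secondary layer.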
Update the The Ultimate WordPress Toolkit – WP Extended plugin to the latest available version. The directory traversal vulnerability allows authenticated users with the subscriber role or higher to read arbitrary files on the server. The update fixes this vulnerability.
CVE-2024-8104 is a Directory Traversal vulnerability in the WP Extended WordPress plugin, allowing authenticated users to read arbitrary files on the server.
You are affected if you are using WP Extended version 3.0.8 or earlier. Check your plugin version and upgrade immediately.
Upgrade to a version of WP Extended newer than 3.0.8. As a temporary workaround, implement WAF rules to restrict file access.
Currently, there are no confirmed reports of active exploitation, but the vulnerability's simplicity suggests potential for future exploitation.
Refer to the WP Extended plugin website or the WordPress plugin repository for the latest security advisory and update information.