What is CVE-2024-8352 — Directory Traversal in Social Web Suite?

CVE-2024-8352 is a directory traversal vulnerability affecting the Social Web Suite plugin for WordPress, allowing attackers to read arbitrary files on the server.

Am I affected by CVE-2024-8352 in Social Web Suite?

You are affected if you are using Social Web Suite versions 4.1.11 or earlier. Check your plugin version and upgrade immediately.

How do I fix CVE-2024-8352 in Social Web Suite?

Upgrade to the latest version of the Social Web Suite plugin. If immediate upgrade is not possible, implement WAF rules to block path traversal attempts.

Is CVE-2024-8352 being actively exploited?

Currently, there are no confirmed reports of active exploitation, but the ease of exploitation suggests potential future targeting.

Where can I find the official Social Web Suite advisory for CVE-2024-8352?

Refer to the plugin developer's website or WordPress plugin repository for the official advisory and update information.

CVE-2024-8352 — Vulnerability Details

NEXTGUARD

Gratis scannen

CVE-2024-8352 — Vulnerability Details | NextGuard

Detectiestappenwordt vertaald…

• wordpress / composer / npm:

grep -r "download_log function" /var/www/html/wp-content/plugins/social-web-suite-social-media-auto-post-social-media-auto-publish/

• generic web:

curl -I 'http://your-wordpress-site.com/wp-content/plugins/social-web-suite-social-media-auto-post-social-media-auto-publish/../../../../etc/passwd' # Attempt to access sensitive files

Social Web Suite – Social Media Auto Post, Social Media Auto Publish <= 4.1.11 - Directory Traversal naar Arbitrair Bestand Downloaden

Impact en Aanvalsscenarios

Uitbuitingscontext

Wie Loopt Risicowordt vertaald…

Detectiestappenwordt vertaald…

Aanvalstijdlijn

Dreigingsinformatie

Getroffen Software

Zwakheidsclassificatie (CWE)

Tijdlijn

Mitigatie en Workarounds

Hoe te verhelpenwordt vertaald…

CVE Beveiligingsnieuwsbrief

Veelgestelde vragenwordt vertaald…

What is CVE-2024-8352 — Directory Traversal in Social Web Suite?

Am I affected by CVE-2024-8352 in Social Web Suite?

How do I fix CVE-2024-8352 in Social Web Suite?

Is CVE-2024-8352 being actively exploited?

Where can I find the official Social Web Suite advisory for CVE-2024-8352?

Pakketinformatie

Is jouw project getroffen?

Detecteer deze CVE in je project