Platform: wordpress
Component: wp-file-upload
Fixed in: 4.24.12
CVE-2024-9047 is a critical path traversal vulnerability in the WordPress File Upload plugin. It allows unauthenticated attackers to read or delete arbitrary files on the server through the plugin's wfu_file_downloader.php endpoint, compromising both the confidentiality and the integrity of the WordPress installation. Versions up to and including 4.24.11 are affected, and exploitation requires the targeted site to be running PHP 7.4 or earlier. The plugin developers have released a fix in version 4.24.12.
The flaw is severe for any site that meets both preconditions. Reading files outside the intended upload directory exposes wp-config.php and with it the database credentials, along with any other file the web server user can read; deleting files can take the site down or remove evidence. Taken together, this can lead to full site compromise and data exfiltration. The PHP 7.4-or-earlier precondition narrows the exposed population but does not make it small: many legacy WordPress sites still run those end-of-life PHP versions. Because no authentication is required, the endpoint is reachable by any attacker who can send HTTP requests to the site.
CVE-2024-9047 was publicly disclosed on 2024-10-12. No public proof-of-concept (PoC) has been widely reported, but a single unauthenticated GET request is all the attack needs, which makes it attractive to opportunistic scanners. The CVSS 9.8 score reflects that ease of exploitation and the impact on confidentiality and integrity; the PHP version requirement only limits which sites the same request will succeed against. Monitor security advisories and threat intelligence feeds for indications of active exploitation.
WordPress sites using the File Upload plugin at version 4.24.11 or earlier on PHP 7.4 or earlier are at significant risk. Shared hosting environments where WordPress installations are managed by the hosting provider are also exposed, since plugin and PHP updates there may lag. Sites relying on legacy configurations or with limited security monitoring are especially susceptible.
• wordpress:
  grep -r "wfu_file_downloader.php" /var/www/wordpress/
• wordpress:
  wp plugin list | grep wp-file-upload
• wordpress:
  wp plugin update --all
• generic web:
  Check for the existence of wfu_file_downloader.php in the WordPress directory structure (it ships in the plugin's own directory under wp-content/plugins/).
• generic web:
  Monitor access logs for requests containing path traversal sequences (e.g., ../, including URL-encoded and double-encoded forms) targeting the wfu_file_downloader.php endpoint.
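The checks listed above, as an added example written for this advisory (not code from the plugin or its vendor): it reads the plugin version from a plugin file header, applies both preconditions from the advisory (plugin older than 4.24.12 and PHP below 8.0), locates wfu_file_downloader.php under an install root, and scans access-log lines for traversal sequences aimed at that endpoint after fully percent-decoding them, which is also the predicate the WAF rule in the mitigation section would apply. The plugin directory slug "wp-file-upload", the `file=` query parameter in the sample requests, and the combined log format are assumptions; the plugin header and log lines are constructed sample data.

```python
"""Triage helpers for CVE-2024-9047 (WordPress File Upload path traversal).

Added example for this advisory; not code from the plugin or its vendor.
Assumptions are marked inline: the plugin directory slug "wp-file-upload",
the query parameter name used in the constructed log lines, and the
Apache/nginx combined log format.
"""
import re
from pathlib import Path
from urllib.parse import unquote

FIXED_VERSION = "4.24.12"          # first patched release per the advisory
TARGET_SCRIPT = "wfu_file_downloader.php"


def parse_version(version: str) -> tuple:
    """'4.24.11' -> (4, 24, 11); tuples compare component-wise."""
    return tuple(int(p) for p in re.findall(r"\d+", version))


def plugin_header_version(header_text: str):
    """Pull 'Version:' from a WordPress plugin file header (None if absent)."""
    m = re.search(r"^\s*\*?\s*Version:\s*([\d.]+)", header_text, re.MULTILINE)
    return m.group(1) if m else None


def is_affected(plugin_version: str, php_version: str) -> bool:
    """Both preconditions from the advisory must hold: plugin <= 4.24.11
    (i.e. older than 4.24.12) and PHP 7.4 or earlier (i.e. below 8.0)."""
    return (parse_version(plugin_version) < parse_version(FIXED_VERSION)
            and parse_version(php_version) < (8,))


def find_downloader(wordpress_root: str) -> list:
    """Locate wfu_file_downloader.php anywhere under the install root
    (the advisory's file-existence check)."""
    return [str(p) for p in Path(wordpress_root).rglob(TARGET_SCRIPT)]


def decode_fully(s: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded '..%252f' is not missed."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


# '../', '..\' or an embedded NUL byte after full decoding.
TRAVERSAL_RE = re.compile(r"\.\.[/\\]|\x00")
# Combined log format: ip ... "METHOD target HTTP/x.y" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)


def is_traversal_request(target: str) -> bool:
    """True when the request hits the downloader endpoint and, once decoded,
    carries a traversal sequence anywhere in path or query. This is the same
    predicate a WAF rule scoped to this endpoint would apply."""
    path = decode_fully(target.partition("?")[0])
    if not path.lower().endswith(TARGET_SCRIPT):
        return False
    return TRAVERSAL_RE.search(decode_fully(target)) is not None


def find_suspicious(log_lines) -> list:
    """Return (ip, status, decoded target) for each matching log line."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if m and is_traversal_request(m["target"]):
            hits.append((m["ip"], m["status"], decode_fully(m["target"])))
    return hits


# Constructed sample data (not from any real site). The header is what a
# vulnerable install would show; 'file=' is an assumed parameter name.
PLUGIN_HEADER = """/*
Plugin Name: WordPress File Upload
Version: 4.24.11
*/"""

LOG_LINES = [
    '203.0.113.7 - - [12/Oct/2024:10:01:02 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 3112',
    '198.51.100.4 - - [12/Oct/2024:10:03:15 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=report.pdf HTTP/1.1" 200 20480',
    '203.0.113.7 - - [12/Oct/2024:10:05:41 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1521',
    '192.0.2.9 - - [12/Oct/2024:10:07:00 +0000] "GET /index.php?p=../../etc/passwd HTTP/1.1" 404 120',
]

if __name__ == "__main__":
    version = plugin_header_version(PLUGIN_HEADER)
    print("plugin", version, "affected on PHP 7.4.33:", is_affected(version, "7.4.33"))
    for ip, status, target in find_suspicious(LOG_LINES):
        print(f"suspicious request from {ip} (HTTP {status}): {target}")
```

Run it against a real install by feeding `plugin_header_version` the contents of the plugin's main PHP file, `find_downloader` the web root, and `find_suspicious` the lines of the web server's access log. Only the first and third sample lines are flagged: the second is a legitimate download, and the fourth carries a traversal string but does not touch the vulnerable endpoint, so it belongs to a different investigation.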
disclosure
Exploit status
EPSS: 93.62% (100th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-9047 is to upgrade the WordPress File Upload plugin to 4.24.12 or later immediately. If upgrading is not immediately feasible because of compatibility concerns, temporarily block access to the wfu_file_downloader.php endpoint at the web server or WAF. A WAF can also be configured to drop requests to that endpoint that contain path traversal sequences (../ and its URL-encoded and double-encoded forms). Moving the site to a supported PHP release removes the second precondition, and is overdue for any site still on PHP 7.4. Regularly scan the installation for outdated plugins and themes to reduce the overall attack surface. After upgrading, verify the fix by requesting a file outside the intended directory through the download endpoint: the request should be refused.
Update the WordPress File Upload plugin to the latest available version. This fixes the path traversal vulnerability that allows unauthorized reading and deletion of files.
CVE-2024-9047 is a critical path traversal vulnerability in the WordPress File Upload plugin, allowing unauthenticated attackers to read or delete files outside the intended directory via wfu_file_downloader.php.
You are affected if you are using WordPress File Upload plugin versions 4.24.11 or earlier, and your WordPress site is running PHP 7.4 or earlier.
Upgrade the WordPress File Upload plugin to the latest available version (4.24.12 or later). If an immediate upgrade is not possible, restrict access to wfu_file_downloader.php.
While no widespread exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a potential for active campaigns.
Refer to the WordPress security announcements and the plugin developer's website for the latest advisory and patch information.