CVE-2024-9047 Scanner

CVE-2024-9047 Scanner - Arbitrary File Read vulnerability in WordPress File Upload

Short Info

Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 16 days 20 hours
Scan only one: Domain, IPv4, Subdomain
Toolbox: -

The WordPress File Upload plugin is a widely used tool for adding file upload capabilities to WordPress websites. It is particularly valued for its flexibility and ease of use, enabling site administrators to allow visitors to upload files securely. This plugin is often adopted by businesses and developers to enhance functionality on WordPress platforms.

This vulnerability allows unauthenticated attackers to read arbitrary files through the `wfu_file_downloader.php` script in the WordPress File Upload plugin, versions up to and including 4.24.11. Exploitation is possible on WordPress installations running PHP 7.4 or earlier, and bypasses the file access restrictions the plugin is meant to enforce.

The vulnerability stems from a path traversal flaw in the plugin's file download mechanism. Because user input is not sufficiently sanitized, attackers can craft requests to the `wfu_file_downloader.php` endpoint that reach files outside the intended directories, including sensitive server files such as `/etc/passwd`.

Successful exploitation can expose sensitive information, such as configuration files and user data, to unauthorized parties. That information can then be used to further compromise the affected system, disrupt services, or steal data. The vulnerability poses a critical risk, especially for websites still running older PHP versions.
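As an added illustration of how a defender might hunt for the access pattern described above in web server logs (example code written for this page, not part of the scanner or the plugin), the script below parses combined-format access-log lines, selects requests to `wfu_file_downloader.php`, and flags any query parameter whose decoded value contains a `..` segment, an absolute path, or a null byte. The log lines, the plugin directory prefix and the `file` parameter name are constructed assumptions; the page only names the script itself, so the check inspects every query parameter rather than relying on a particular name.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (combined log format); not real traffic.
# The plugin directory prefix and the "file" parameter name are assumptions.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Oct/2024:12:00:01 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=report.pdf HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [10/Oct/2024:12:00:02 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=../../../../etc/passwd HTTP/1.1" 200 2048 "-" "curl/8.0"
203.0.113.12 - - [10/Oct/2024:12:00:03 +0000] "GET /wp-content/plugins/wp-file-upload/wfu_file_downloader.php?file=..%2F..%2Fwp-config.php HTTP/1.1" 200 3000 "-" "python-requests/2.31"
203.0.113.13 - - [10/Oct/2024:12:00:04 +0000] "GET /index.php HTTP/1.1" 200 8000 "-" "Mozilla/5.0"
"""

# Combined log format: client ip, identd, user, [timestamp] "METHOD target HTTP/x" status ...
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Only requests to the download script named on the page are of interest.
TARGET_SCRIPT = "/wfu_file_downloader.php"


def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded traversal sequences are seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_traversal(value: str) -> bool:
    """True if a decoded parameter value tries to escape the intended directory."""
    decoded = fully_decode(value).replace("\\", "/")
    if "\x00" in decoded:          # null byte: classic path truncation trick
        return True
    if decoded.startswith("/"):    # absolute path instead of a relative file name
        return True
    return any(segment == ".." for segment in decoded.split("/"))


def classify_line(line: str):
    """Return a finding dict for a suspicious download request, else None."""
    match = REQUEST_RE.match(line)
    if not match:
        return None
    parts = urlsplit(match.group("target"))
    if not parts.path.endswith(TARGET_SCRIPT):
        return None
    # parse_qs performs one round of decoding; has_traversal handles the rest.
    params = parse_qs(parts.query, keep_blank_values=True)
    for name, values in params.items():
        for value in values:
            if has_traversal(value):
                return {
                    "ip": match.group("ip"),
                    "timestamp": match.group("ts"),
                    "param": name,
                    "value": fully_decode(value),
                    "status": int(match.group("status")),
                }
    return None


def scan_log(text: str) -> list:
    """Run classify_line over every line and keep only the findings."""
    return [f for f in (classify_line(l) for l in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(f"{finding['timestamp']} {finding['ip']} param={finding['param']} "
              f"value={finding['value']!r} status={finding['status']}")
```

A status of 200 on a flagged line is the signal that matters most: the web server served the request, so the host should be checked against the fixed plugin version and its PHP version, and the read file treated as potentially disclosed.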
