Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-9047

CWE-22: Path Traversal
5 documents, 5 sources
Severity
9.8 CRITICAL
EPSS
93.6%
top 0.16%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published
Oct 12

Description

The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages
2 packages

Patches

🔴 Vulnerability Details (3 entries)
CVEList
WordPress File Upload <= 4.24.11 - Unauthenticated Path Traversal to Arbitrary File Read and Deletion in wfu_file_downloader.php (2024-10-12)
GHSA
GHSA-wphm-3gx3-274q: The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4… (2024-10-12)
VulnCheck
iptanus wordpress_file_upload Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (2024)

💥 Exploits & PoCs (1 entry)
Nuclei
WordPress File Upload <= 4.24.11 - Arbitrary File Read