CVE-2024-2024

Folders Pro <= 3.0.2 - Authenticated (Author+) Arbitrary File Upload via handle_folders_file_upload

Summary
  • Severity Score: 8.8 (CVSS v3.1)
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits: 50 (Multiple Sources)
  • Exploited in Wild (KEV): -
  • Decision (SSVC): Track*
Descriptions

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

*Credits: Colin Xu
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision: Track*
  • Exploitation: None
  • Automatable: No
  • Tech. Impact: Total
* Organization's Worst-case Scenario
Timeline
  • 2024-01-14 First Exploit
  • 2024-02-29 CVE Reserved
  • 2024-06-13 CVE Published
  • 2024-06-15 EPSS Updated
  • 2024-08-01 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (52)
Affected Vendors, Products, and Versions
  • Vendor: Premio
  • Product: Folders Pro
  • Version: <= 3.0.2
  • Other: en
  • Status: Affected