CVE-2024-13471
Published: 05 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2024-13471 affects the DesignThemes Core Features plugin for WordPress in all versions up to and including 4.7. The vulnerability stems from a missing capability check in the dt_process_imported_file function, enabling unauthorized access to data. This flaw, classified under CWE-22 (Path Traversal), allows attackers to read arbitrary files on the underlying operating system. It has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with low complexity and no privileges required.
Unauthenticated attackers can exploit this vulnerability remotely over the network without user interaction. By invoking the vulnerable function, they gain the ability to retrieve sensitive files from the server, such as configuration files, credentials, or other arbitrary data accessible to the web server process.
Advisories reference the Wordfence threat intelligence page for detailed vulnerability analysis and the ThemeForest listing for the associated LMS Learning Management System WordPress theme, which relies on the DesignThemes Core Features plugin. No specific patch details beyond updating past version 4.7 are provided in the core description.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in public-facing WordPress plugin enables remote unauthenticated file reads, directly mapping to exploitation of public-facing applications (T1190) and collection of data from local system files (T1005).