JVN#85380030
WordPress Plugin "Download Plugins and Themes from Dashboard" vulnerable to path traversal
Overview
WordPress Plugin "Download Plugins and Themes from Dashboard" provided by WPFactory LLC contains a path traversal vulnerability.
Products Affected
- Download Plugins and Themes from Dashboard versions prior to 1.8.6
Description
WordPress Plugin "Download Plugins and Themes from Dashboard" provided by WPFactory LLC contains a path traversal vulnerability (CWE-22).
Impact
A user with the "switch_themes" privilege may obtain arbitrary files on the server.
Solution
Update the plugin
Update the plugin to the latest version according to the information provided by the developer.
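For plugin developers, the kind of check that closes a CWE-22 issue of this class in a "download plugin or theme as ZIP" handler, as an added illustrative example that is not the plugin's own code (the function name, directory layout and test slugs below are constructed; inside WordPress the base directory would be WP_PLUGIN_DIR and the handler would additionally be gated by current_user_can()):

```php
<?php
// Illustrative example (not the plugin's code): a user-supplied slug must
// resolve to a directory *inside* the allowed base directory before it is
// packaged and sent. A capability check such as current_user_can('switch_themes')
// decides who may download; this check decides what may be downloaded.
declare(strict_types=1);

/**
 * Resolve a plugin/theme slug to a directory under $baseDir.
 * Returns the canonical path, or null when the request is rejected
 * (separators or control bytes in the slug, traversal, symlink escape,
 * or a non-existent directory).
 */
function resolve_package_dir(string $baseDir, string $slug): ?string
{
    // A slug is a single directory name: no separators, no control bytes.
    if ($slug === '' || $slug === '.' || $slug === '..'
        || preg_match('/[\x00-\x1f\/\\\\]/', $slug)) {
        return null;
    }
    $base   = realpath($baseDir);
    $target = realpath($baseDir . DIRECTORY_SEPARATOR . $slug);
    if ($base === false || $target === false || !is_dir($target)) {
        return null;
    }
    // Defence in depth: compare against the base *with* a trailing separator,
    // so "/srv/plugins-other" is never accepted as a child of "/srv/plugins".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($target, $prefix, strlen($prefix)) === 0 ? $target : null;
}

// Demonstration on a constructed temporary tree.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'dl-demo-' . bin2hex(random_bytes(4));
mkdir($root . '/plugins/hello-dolly', 0700, true);
file_put_contents($root . '/outside.txt', 'not a plugin');

$cases = ['hello-dolly', '../outside.txt', '..', 'hello-dolly/../../outside.txt', "hello\0dolly"];
foreach ($cases as $slug) {
    $resolved = resolve_package_dir($root . '/plugins', $slug);
    printf("%-36s => %s\n", json_encode($slug),
        $resolved === null ? 'rejected' : 'allowed: ' . $resolved);
}
```

Only the first slug is accepted; every other case is refused before any file is read.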
Vendor Status
Vendor | Link
---|---
WPFactory LLC | Download Plugins and Themes from Dashboard – WordPress plugin
References
JPCERT/CC Addendum
Credit
Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to WPFactory LLC and coordinated with them. After the coordination was completed, this case was reported to IPA under the Information Security Early Warning Partnership, and JPCERT/CC coordinated with the developer to publish this advisory.
Other Information
Item | Value
---|---
JPCERT Alert |
JPCERT Reports |
CERT Advisory |
CPNI Advisory |
TRnotes |
CVE | CVE-2024-35162
JVN iPedia | JVNDB-2024-000049