CVE-2024-6228
WordPress · Notifications for Forms & WordPress Actions
A path traversal vulnerability in the Notifications for Forms & WordPress Actions plugin allows authenticated users to access or manipulate restricted files.
Executive summary
An authenticated path traversal vulnerability in the Notifications for Forms & WordPress Actions plugin could allow attackers to gain unauthorized access to sensitive files on the server.
Vulnerability
The plugin fails to properly validate pathnames, leading to a path traversal vulnerability. An attacker with authenticated access (typically subscriber level or higher) can leverage this flaw to escape the intended directory and access sensitive system files.
Business impact
Exploitation of this vulnerability could lead to the exposure of sensitive configuration files, database credentials, or source code, resulting in total system compromise. With a CVSS score of 7.5, the impact is severe, as it enables lateral movement and further exploitation within the WordPress environment.
Remediation
Immediate Action: Update the "Notifications for Forms & WordPress Actions" plugin to version 2.6 or later immediately.
Proactive Monitoring: Review web server access logs for directory traversal patterns (e.g., ../../) targeting the plugin's directory.
Compensating Controls: Utilize a Web Application Firewall (WAF) with updated rulesets to block path traversal attempts targeting the WordPress installation.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Administrators must verify the version of the installed plugin and apply updates immediately. Given the potential for full system compromise, this should be treated as a high-priority maintenance task.