CVE-2024-9047

WordPress File Upload <= 4.24.11 - Unauthenticated Path Traversal to Arbitrary File Read and Deletion in wfu_file_downloader.php

Basic Information

CVE State: PUBLISHED
Reserved Date: September 20, 2024
Published Date: October 12, 2024
Last Updated: October 15, 2024
Vendor: nickboss
Product: WordPress File Upload
Description: The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier.
Tags

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploited in the Wild: Yes (2025-05-30 00:00:00 UTC)
Seen in APT Campaigns: Yes (added 2025-05-30 00:00:00 UTC) (Earth Lamia) Source

Source	Added Date
TrendMicro	2025-05-30 00:00:00 UTC

Scanner	URL	Date Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-9047.yaml	2025-04-26 00:00:00 UTC

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

Type: github • Created: 2025-01-25 02:41:28 UTC • Stars: 2

Exploit for WordPress File Upload Plugin - All versions up to 4.24.11 are vulnerable.

Type: github • Created: 2025-01-08 07:27:16 UTC • Stars: 6

POC - WordPress File Upload plugin, in the wfu_file_downloader.php file before version <= 4.24.11

Type: github • Created: 2024-12-25 05:19:17 UTC • Stars: 4

WordPress File Upload插件任意文件读取漏洞（CVE-2024-9047）批量检测脚本