Arbitrary File Inclusion Vulnerability in tagDiv Composer Plugin for WordPress
CVE-2024-3813

8.8HIGH

Key Information:

Vendor: Tagdiv
Status: Tagdiv Composer
Vendor: CVE Published:; 15 June 2024

Summary

The tagDiv Composer plugin for WordPress presents a vulnerability related to Local File Inclusion, exploitable in all versions up to and including 4.8. The issue arises from the 'td_block_title' shortcode and specifically its 'block_template_id' attribute, which can be manipulated by authenticated attackers with contributor-level permissions or higher. This vulnerability allows for the inclusion and execution of arbitrary files on the server, providing an opportunity to execute malicious PHP code. Attackers could leverage this flaw to bypass access controls, gain unauthorized access to sensitive information, or execute arbitrary commands, particularly in instances where a PHP file can be uploaded and included.

Affected Version(s)

tagDiv Composer * <= 4.8

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://tagdiv.com/tagdiv-composer-page-builder-basics/

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 15, 2024

Credit

István Márton