Vulnerability in 10Web's Mobile-Friendly Image Gallery Plugin Allows Attackers to Access Sensitive Information and Delete Directories
CVE-2024-5481

8.8HIGH

Key Information:

Vendor: Wordpress
Status: Photo Gallery By 10web – Mobile-friendly Image Gallery
Vendor: CVE Published:; 7 June 2024

Summary

The Photo Gallery by 10Web, a popular mobile-friendly image gallery plugin for WordPress, is affected by a Path Traversal vulnerability that affects all versions up to and including 1.8.23. This vulnerability arises from the esc_dir function, allowing authenticated attackers to manipulate file system operations by accessing arbitrary files on the server. Attackers can potentially copy sensitive information from these files or delete directories, including critical folders in the WordPress root. Although by default this issue is primarily exploitable by administrators, users with gallery edit permissions, including lower-level contributors in the premium version, may also be at risk. This vulnerability places the integrity and confidentiality of web servers at significant risk and highlights the importance of proper user permission management.

Affected Version(s)

Photo Gallery by 10Web – Mobile-Friendly Image Gallery * <= 1.8.23

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/photo-gallery/...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 7, 2024
Vulnerability Reserved
May 29, 2024

Credit

Tobias Weißhaar