CVE-2024-0221 — CRITICAL (9.1)

Q: How severe is CVE-2024-0221?

CVE-2024-0221 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2024-0221?

Check the references section above for vendor advisories and patch information. Affected products include: 10Web Photo Gallery.

Vulnerability Description

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated attackers to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can be renamed. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery management permissions to lower level users, which might make this exploitable by users as low as contributors.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
10Web	Photo Gallery	< 1.8.20

Related Weaknesses (CWE)

CWE-22

References

https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrIssue Tracking
https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrIssue Tracking
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&newPatch
https://www.wordfence.com/threat-intel/vulnerabilities/id/3a3b8f32-f29d-4e67-8faPatchThird Party Advisory
https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrIssue Tracking
https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrIssue Tracking
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&newPatch
https://www.wordfence.com/threat-intel/vulnerabilities/id/3a3b8f32-f29d-4e67-8faPatchThird Party Advisory

FAQ

What is CVE-2024-0221?

CVE-2024-0221 is a vulnerability with a CVSS score of 9.1 (CRITICAL). The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This mak...

How severe is CVE-2024-0221?

CVE-2024-0221 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2024-0221?

Check the references section above for vendor advisories and patch information. Affected products include: 10Web Photo Gallery.