Vulnerability Description
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 10Web | Photo Gallery | < 1.8.24 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrProduct
- https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrProduct
- https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrProduct
- https://plugins.trac.wordpress.org/changeset/3098798/Patch
- https://wordpress.org/plugins/photo-gallery/#developersProductRelease Notes
- https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6bThird Party Advisory
- https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrProduct
- https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrProduct
- https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/contrProduct
- https://plugins.trac.wordpress.org/changeset/3098798/Patch
- https://wordpress.org/plugins/photo-gallery/#developersProductRelease Notes
- https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6bThird Party Advisory
FAQ
What is CVE-2024-5481?
CVE-2024-5481 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it pos...
How severe is CVE-2024-5481?
CVE-2024-5481 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-5481?
Check the references section above for vendor advisories and patch information. Affected products include: 10Web Photo Gallery.