CVE-2024-10470
Published: 09 November 2024
Summary
CVE-2024-10470 is a critical-severity Path Traversal (CWE-22) vulnerability in the Vibethemes WordPress Learning Management System. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 2.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
The WPLMS Learning Management System for WordPress, also known as the WordPress LMS theme, contains a path traversal vulnerability (CWE-22) in all versions through 4.962. Insufficient validation of file paths and permissions in the readfile and unlink functions allows arbitrary file read and deletion operations; the flaw is present even when the theme is inactive.
Unauthenticated attackers can exploit the issue over the network to delete any file on the server. Deletion of critical files such as wp-config.php can readily result in remote code execution, producing a CVSS 3.1 score of 9.8.
Wordfence and the vendor listing on ThemeForest document the flaw and affected versions; no further mitigation details are supplied in the available references. The associated EPSS score reached a peak of 0.5446 before receding to its current value of 0.4849.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-33144
Vulnerability details
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks in the readfile and unlink functions in all versions up to, and including, 4.962. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The theme is vulnerable even when it is not activated.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.
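As an added example (not code from the theme or from the advisory's references), the following shows how a WordPress theme file could apply the two checks the advisory describes as missing before calling unlink(): a permissions check and confinement of the user-supplied file name to one intended directory. The allowed directory under WP_CONTENT_DIR, the function names and the 'manage_options' capability are assumptions.

```php
<?php
// Added example, not WPLMS code: the two checks the advisory says were missing,
// a permission check and confinement of the user-supplied name to one directory,
// applied before unlink(). Assumed: $allowedDir and the capability 'manage_options'.
defined('ABSPATH') || exit; // refuse direct requests to this file, theme active or not

// Resolve $userPath inside $allowedDir, or return null if it would escape it.
function wplms_example_confine_path(string $allowedDir, string $userPath): ?string
{
    $base = realpath($allowedDir);
    if ($base === false) {
        return null; // fail closed if the allowed directory is missing
    }
    // A bare file name is expected: reject empty names, NUL bytes and absolute paths.
    if ($userPath === '' || strpos($userPath, "\0") !== false
        || $userPath[0] === '/' || $userPath[0] === '\\') {
        return null;
    }
    // realpath() collapses "..", "." and symlinks against the real filesystem,
    // so the prefix comparison below sees the file that would actually be touched.
    $resolved = realpath($base . DIRECTORY_SEPARATOR . $userPath);
    if ($resolved === false || !is_file($resolved)) {
        return null;
    }
    // Compare against base plus separator so a sibling directory that merely
    // shares the prefix (e.g. "uploads-private" beside "uploads") does not pass.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($resolved, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $resolved;
}

// Delete a file from the allowed directory, and only for an authorised caller.
function wplms_example_delete(string $userPath): bool
{
    if (!is_user_logged_in() || !current_user_can('manage_options')) {
        return false; // unauthenticated or under-privileged caller: do nothing
    }
    $path = wplms_example_confine_path(WP_CONTENT_DIR . '/uploads/wplms-example', $userPath);
    if ($path === null) {
        error_log('wplms_example_delete: rejected file name ' . $userPath);
        return false;
    }
    return unlink($path);
}
```

The same confinement applies before readfile(); WordPress core's validate_file() is a lighter check for ".." and absolute paths that can be used in addition, but it does not resolve symlinks the way realpath() does.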