Cyber Resilience

CVE-2024-54374

High

Published: 16 December 2024

Modified: 23 April 2026
KEV Added
Patch
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.2066 (95.7th percentile)
Risk Priority: 27 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-54374 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 7.5 (High).

Operationally, it is ranked in the top 4.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

The vulnerability CVE-2024-54374 is a path traversal flaw (CWE-22) that permits PHP local file inclusion in the Sogrid WordPress plugin by Sabri. It affects all versions through 1.5.6 and carries a CVSS 3.1 score of 7.5.

An unauthenticated remote attacker can trigger the issue over the network, although successful exploitation demands high attack complexity and user interaction. When conditions are met, the attacker can include arbitrary local PHP files, resulting in high impact to confidentiality, integrity, and availability.

The Patchstack advisory at the referenced URL identifies the affected plugin versions and serves as the primary source for mitigation guidance, which centers on applying the vendor-supplied update once released. The EPSS score has remained flat at 0.2066 with no material rise observed since disclosure.

EU & UK References

Vulnerability details

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sabri Sogrid sogrid allows PHP Local File Inclusion. This issue affects Sogrid: from n/a through <= 1.5.6.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References