CVE-2024-56249
Published: 02 January 2025
Summary
CVE-2024-56249 is a critical-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Web Shell (T1505.003); the CVE ranks in the top 2.2% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
The vulnerability CVE-2024-56249 is an unrestricted upload of a file with dangerous type (CWE-434) in the WPMasterToolKit WordPress plugin. It affects all versions through 1.13.1 and allows an attacker to upload files such as web shells directly to the server.
An authenticated user with high privileges can exploit the flaw over the network with low attack complexity and no user interaction required. Successful exploitation grants code execution that impacts confidentiality, integrity, and availability on the affected server, consistent with the CVSS 9.1 rating that includes a changed scope.
The vulnerability is documented in the Patchstack database entry for the WPMasterToolKit plugin, which identifies the arbitrary file upload issue in versions up to 1.13.1. The current EPSS score stands at 0.4816.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-53047
Vulnerability details
Unrestricted Upload of File with Dangerous Type vulnerability in Ludwig You WPMasterToolKit (wpmastertoolkit) allows uploading a web shell to a web server. This issue affects WPMasterToolKit: from n/a through <= 1.13.1.
Related Threats
MITRE ATT&CK Enterprise Techniques: Web Shell (T1505.003)
Why these techniques?
Unrestricted file upload (CWE-434) explicitly enables direct deployment of web shells to the web server.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly mitigates the CVE by requiring timely patching of the vulnerable WPMasterToolKit plugin to remediate the unrestricted file upload flaw.
- SI-10 (Information Input Validation): enforces validation of file upload inputs to block dangerous types such as web shells, addressing the core CWE-434 weakness in the plugin.
- SI-3 (Malicious Code Protection): deploys malicious code protection mechanisms to scan for and prevent execution of web shells uploaded through the plugin's vulnerability.
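As an added illustration of the input-validation control (SI-10) for CWE-434, the following PHP upload validator is example code written here, not the WPMasterToolKit plugin's own: it applies an extension allowlist, rejects multi-extension names, sniffs the file's real MIME type, and assigns a random server-chosen name. ALLOWED, validate_upload() and safe_destination() are hypothetical names, and the sample files are constructed.

```php
<?php
// Added example (not WPMasterToolKit code): server-side checks an upload
// handler should apply so a CWE-434 flaw cannot place a web shell in the
// web root. ALLOWED, validate_upload(), safe_destination() are hypothetical.

const ALLOWED = [            // extension => MIME types accepted for it
    'jpg' => ['image/jpeg'],
    'png' => ['image/png'],
];

// Returns null when the file is acceptable, otherwise the rejection reason.
// $tmpPath is the server-side temp file; $clientName is the untrusted name.
function validate_upload(string $tmpPath, string $clientName): ?string
{
    $base = basename($clientName);                 // drop directory parts
    // Exactly one dot: rejects "x.php.png", ".htaccess" style names and
    // names without any extension.
    if (substr_count($base, '.') !== 1) {
        return 'filename must have exactly one extension';
    }
    $ext = strtolower(pathinfo($base, PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        return "extension '$ext' is not on the allowlist";
    }
    // Sniff the bytes; never trust the client-sent Content-Type header.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if (!in_array($mime, ALLOWED[$ext], true)) {
        return "content type '$mime' does not match extension '$ext'";
    }
    return null;
}

// Random server-chosen name: only the vetted extension survives from the
// client. The directory must also have script execution disabled
// (e.g. php_flag engine off) so a polyglot image can never run.
function safe_destination(string $dir, string $ext): string
{
    return rtrim($dir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
}

// Demo on constructed sample files (no real upload): a PNG signature under
// a .png name is accepted; a PHP file is rejected however it is named.
$png = tempnam(sys_get_temp_dir(), 'up'); file_put_contents($png, "\x89PNG\r\n\x1a\n");
$php = tempnam(sys_get_temp_dir(), 'up'); file_put_contents($php, "<?php echo 1; ?>");
foreach ([[$png, 'avatar.png'], [$php, 'avatar.png'], [$php, 'x.php'], [$php, 'x.php.png']] as [$path, $name]) {
    printf("%-10s => %s\n", $name, validate_upload($path, $name) ?? 'accepted');
}
unlink($png); unlink($php);
```

The MIME check depends on libmagic (PHP's fileinfo extension), so a file whose bytes begin with a PHP open tag is reported as text/x-php and rejected even when named avatar.png.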