CVE-2023-3813

7.5 HIGH

📋 TL;DR

The Jupiter X Core WordPress plugin (premium version) contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files from the server. This affects versions up to and including 2.5.0. Attackers can access sensitive files like configuration files, database credentials, or other confidential data.

💻 Affected Systems

Products:
  • Jupiter X Core WordPress Plugin
Versions: Up to and including 2.5.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires premium version activation; free version not affected.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete server compromise through exposure of sensitive credentials, database dumps, or configuration files leading to further attacks.

🟠

Likely Case

Exfiltration of sensitive WordPress configuration files (wp-config.php) containing database credentials and other secrets.

🟢

If Mitigated

Limited impact if file permissions restrict access to sensitive files or if web server configuration prevents directory traversal.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP requests with crafted parameters can trigger the vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.5.1

Vendor Advisory: https://plugins.trac.wordpress.org/browser/jupiterx-core/trunk/includes/extensions/raven/includes/utils.php?rev=2777235#L425

Restart Required: No

Instructions:

1. Log into WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Jupiter X Core and update to version 2.5.1 or later.
4. Verify update completes successfully.

🔧 Temporary Workarounds

Disable Plugin

all

Temporarily disable the Jupiter X Core plugin until patched.

wp plugin deactivate jupiterx-core

Web Server Restrictions

linux

Add web server rules to block access to vulnerable endpoints.

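# Note: both rules deny every request under the plugin directory, including its static assets.
# Apache: Add to .htaccess (requires mod_rewrite)
RewriteEngine On
RewriteRule ^wp-content/plugins/jupiterx-core.* - [F,L]
# Nginx: Add to server block
location ~* /wp-content/plugins/jupiterx-core { deny all; }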

🧯 If You Can't Patch

  • Restrict network access to WordPress admin interface using firewall rules.
  • Implement web application firewall (WAF) rules to block path traversal patterns.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for Jupiter X Core version 2.5.0 or earlier.

Check Version:

wp plugin get jupiterx-core --field=version

Verify Fix Applied:

Confirm Jupiter X Core plugin version is 2.5.1 or later in WordPress admin.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /wp-content/plugins/jupiterx-core/ with file= parameter containing ../ patterns
  • Unusual file access patterns from single IP addresses

Network Indicators:

  • HTTP GET requests with file= parameter containing path traversal sequences (../)

SIEM Query:

source="web_access_logs" AND uri="/wp-content/plugins/jupiterx-core/*" AND (query="*file=*../*" OR query="*file=*..%2f*")
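
The log indicators above as an added example (not part of the original advisory): a Python filter for combined-format access logs that percent-decodes the file= value repeatedly, so double-encoded and backslash forms that the literal query patterns may not match are also flagged. The log lines, IP addresses and the example.php path are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

PLUGIN_PREFIX = "/wp-content/plugins/jupiterx-core/"
# Combined log format: client IP, identd, user, [time], "METHOD URI PROTO", ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<uri>\S+) [^"]*"')
MAX_DECODE_ROUNDS = 3  # bound the work done on nested percent-encoding

# Constructed sample lines; example.php is a placeholder, not the real endpoint.
_BASE = "/wp-content/plugins/jupiterx-core/"
_TS = "[01/Aug/2023:10:00:00 +0000]"
SAMPLE_LOG = [
    f'203.0.113.7 - - {_TS} "GET {_BASE}example.php?file=../../../wp-config.php HTTP/1.1" 200 3120',
    f'203.0.113.7 - - {_TS} "GET {_BASE}example.php?file=..%252f..%252fwp-config.php HTTP/1.1" 200 3120',
    f'198.51.100.4 - - {_TS} "GET {_BASE}example.php?file=..%5C..%5Cwp-config.php HTTP/1.1" 403 0',
    f'192.0.2.10 - - {_TS} "GET {_BASE}assets/style.css?ver=2.5.0 HTTP/1.1" 200 812',
    f'192.0.2.10 - - {_TS} "GET {_BASE}example.php?file=report..v2.pdf HTTP/1.1" 200 99',
]

def fully_decode(value):
    """Percent-decode until stable, then treat backslashes as separators."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def has_traversal(value):
    """True only when '..' is a whole path segment (avoids 'report..v2.pdf')."""
    return ".." in fully_decode(value).split("/")

def find_traversal_requests(lines):
    """Return (client_ip, decoded file value) for each suspicious plugin request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("uri"))
        if not unquote(parts.path).lower().startswith(PLUGIN_PREFIX):
            continue
        # parse_qsl already decodes once; fully_decode handles further layers.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if name.lower() == "file" and has_traversal(value):
                hits.append((m.group("ip"), fully_decode(value)))
    return hits

if __name__ == "__main__":
    for ip, value in find_traversal_requests(SAMPLE_LOG):
        print(ip, value)
```

A 200 response on a flagged request is the case to triage first, since it suggests the file was actually served.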
