CVE-2023-39163
📋 TL;DR
This vulnerability allows unauthenticated attackers to perform path traversal attacks in the Phlox Shop WordPress plugin, leading to local file inclusion. Attackers can read sensitive files like wp-config.php containing database credentials. All WordPress sites using Phlox Shop versions up to 2.0.0 are affected.
💻 Affected Systems
- Averta Phlox Shop WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete server compromise via reading wp-config.php database credentials, leading to database takeover, privilege escalation, and potential remote code execution.
Likely Case
Sensitive file disclosure including configuration files, user data, and potentially obtaining database credentials for further attacks.
If Mitigated
Limited impact if proper file permissions restrict access to sensitive files and web server runs with minimal privileges.
🎯 Exploit Status
Simple HTTP requests with path traversal payloads can exploit this vulnerability without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.0.1 or later
Vendor Advisory: https://patchstack.com/database/vulnerability/auxin-shop/wordpress-phlox-shop-plugin-2-0-0-unauthenticated-local-file-inclusion-vulnerability
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find Phlox Shop plugin. 4. Click 'Update Now' if available. 5. If no update available, download version 2.0.1+ from WordPress repository and manually update.
🔧 Temporary Workarounds
Disable Phlox Shop Plugin
allTemporarily disable the vulnerable plugin until patched
wp plugin deactivate auxin-shop
Web Application Firewall Rule
allBlock path traversal patterns in requests
Add WAF rule to block requests containing '../' patterns
🧯 If You Can't Patch
- Implement strict file permissions (chmod 600 for sensitive files like wp-config.php)
- Deploy web application firewall with path traversal detection rules
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Phlox Shop version. If version is 2.0.0 or lower, you are vulnerable.Check Version:
wp plugin get auxin-shop --field=versionVerify Fix Applied:
Verify plugin version is 2.0.1 or higher in WordPress admin panel.📡 Detection & Monitoring
Log Indicators:
- HTTP requests containing '../' patterns to Phlox Shop endpoints
- Multiple 200 OK responses for unusual file paths
Network Indicators:
- HTTP GET requests with path traversal payloads to /wp-content/plugins/auxin-shop/
SIEM Query:
source="web_logs" AND (uri="*../*" OR uri="*..\\*" OR uri="*%2e%2e%2f*") AND uri="*/wp-content/plugins/auxin-shop/*"🔗 References
- https://patchstack.com/database/vulnerability/auxin-shop/wordpress-phlox-shop-plugin-2-0-0-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/auxin-shop/wordpress-phlox-shop-plugin-2-0-0-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve
