CVE-2024-12885
📋 TL;DR
This vulnerability allows authenticated WordPress administrators to delete arbitrary directories on the server because the Connections Business Directory plugin does not sufficiently validate a user-supplied path. An attacker who holds (or has compromised) an administrator account can remove any directory the web server user has permission to delete, causing service disruption or data loss. Only WordPress sites running a vulnerable version of this plugin are affected.
💻 Affected Systems
- Connections Business Directory WordPress Plugin
⚠️ Manual Verification Required
The CVE entry in our database carries no affected-version range, so automatic detection cannot determine whether your installation is affected.
Why? The vendor/NVD entry does not specify which versions are vulnerable. The version numbers given under Fix & Mitigation and How to Verify below are therefore the ones to check manually.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Deletion of every directory the web server user can remove, including the web root, wp-content and uploads, causing total service disruption and data loss that can only be undone from backups. If the web server process runs with excessive privileges (for example as root), system directories such as /etc or /bin could also be reached.
Likely Case
Deletion of WordPress core files, plugin directories, or uploaded content causing website downtime, data loss, and requiring full restoration from backups.
If Mitigated
Limited impact if file permissions restrict the web server user to only the directories it needs to write, and recent backups exist for the directories it can delete.
🎯 Exploit Status
Exploitation requires administrator credentials; once authenticated, the attack has low complexity, since the insufficient path validation lets directory traversal sequences in the supplied path reach any directory the web server user is permitted to delete.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 10.4.67 or later
Vendor Advisory: https://wordpress.org/plugins/connections/
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find Connections Business Directory.
4. Click 'Update Now' if available.
5. Alternatively, download the latest version from WordPress.org and update manually.
🔧 Temporary Workarounds
Disable Plugin
Temporarily deactivate the vulnerable plugin until it is patched
wp plugin deactivate connections
Restrict Admin Access
Temporarily remove administrator privileges from untrusted users
wp user update <username> --role=editor
🧯 If You Can't Patch
- Implement strict file system permissions so the web server user can write to and delete only the directories it needs (typically wp-content/uploads and plugin cache directories)
- Enable comprehensive logging and monitoring for directory deletion attempts and admin actions
🔍 How to Verify
Check if Vulnerable:
Check plugin version in WordPress admin under Plugins → Installed Plugins. If Connections Business Directory version is 10.4.66 or lower, you are vulnerable.
Check Version:
wp plugin get connections --field=version
Verify Fix Applied:
Confirm the installed plugin version is 10.4.67 or higher after the update. If you exercise the deletion function to confirm the fix, do so only against a disposable test directory on a staging copy of the site.
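The version check, update and fallback deactivation described under Official Fix, Temporary Workarounds and How to Verify can be combined into one script. This is an added example, not code from the original page or from the Connections plugin project. The version comparison is pure POSIX sh so it runs anywhere; the WP-CLI calls assume `wp` is on PATH and is run from the WordPress root, and `connections` is assumed to be the plugin slug (it matches the wp commands quoted above).

```shell
#!/bin/sh
# Added example: check, update and, if still vulnerable, deactivate the
# Connections Business Directory plugin. Not the advisory's or the plugin's code.

FIXED_VERSION="10.4.67"    # first patched release named in the advisory
PLUGIN_SLUG="connections"  # assumed WP-CLI slug, as in the page's wp commands

# version_lt A B: return 0 when dotted version A is strictly lower than B.
# Components are compared numerically; trailing non-digits (e.g. "-beta") are ignored.
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"
        if [ "$a" = "$ai" ]; then a=""; else a="${a#*.}"; fi
        if [ "$b" = "$bi" ]; then b=""; else b="${b#*.}"; fi
        ai="${ai%%[!0-9]*}"; bi="${bi%%[!0-9]*}"
        ai="${ai:-0}"; bi="${bi:-0}"
        if [ "$ai" -lt "$bi" ]; then return 0; fi
        if [ "$ai" -gt "$bi" ]; then return 1; fi
    done
    return 1
}

# is_vulnerable VERSION: print "vulnerable" or "patched"; exit 0 when vulnerable.
is_vulnerable() {
    if version_lt "$1" "$FIXED_VERSION"; then
        echo vulnerable; return 0
    fi
    echo patched; return 1
}

# remediate: read the installed version via WP-CLI, update when vulnerable,
# and deactivate the plugin as the documented workaround if the update
# does not reach a patched version.
remediate() {
    installed="$(wp plugin get "$PLUGIN_SLUG" --field=version 2>/dev/null)" || {
        echo "$PLUGIN_SLUG is not installed or wp is unavailable"; return 0; }
    if is_vulnerable "$installed" >/dev/null; then
        echo "$PLUGIN_SLUG $installed is vulnerable; updating"
        wp plugin update "$PLUGIN_SLUG"
        installed="$(wp plugin get "$PLUGIN_SLUG" --field=version)"
        if is_vulnerable "$installed" >/dev/null; then
            echo "still $installed after update; deactivating as a workaround"
            wp plugin deactivate "$PLUGIN_SLUG"
        fi
    fi
    echo "$PLUGIN_SLUG $installed: $(is_vulnerable "$installed")"
}

# Only touch the site when explicitly asked, so the file can also be sourced
# for its functions: sh check-connections.sh --run
if [ "${1:-}" = "--run" ] && command -v wp >/dev/null 2>&1; then
    remediate
fi
```

Run it as `sh check-connections.sh --run` from the WordPress root; without `--run` it only defines the functions, so `. ./check-connections.sh; is_vulnerable "$(wp plugin get connections --field=version)"` gives a one-word answer for scripting.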
📡 Detection & Monitoring
Log Indicators:
- Web server logs showing POST requests to Connections plugin endpoints whose parameters contain directory traversal sequences (../ or encoded forms such as ..%2F and %252e%252e%252f)
- WordPress audit logs showing admin users accessing plugin deletion functions
- System logs showing unexpected directory deletions by web server user
Network Indicators:
- HTTP POST requests to /wp-admin/admin-ajax.php whose 'action' parameter belongs to the Connections plugin (confirm the exact action names against the installed plugin version)
SIEM Query:
source="web_server" AND (uri_path="/wp-admin/admin-ajax.php" AND post_data CONTAINS "connections" AND post_data CONTAINS "delete")
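The SIEM query above is a substring match and misses encoded traversal. The following detection routine, an added example that is not from the original page or the Connections plugin project, applies the same indicators (POST to admin-ajax.php, a Connections-related action, a traversal sequence in a parameter) after decoding repeated percent-encoding. The log records are constructed JSON lines with an assumed schema (method, uri, post_data, user, src_ip) standing in for a WAF or request-logging layer that captures POST bodies, since ordinary access logs do not record them; the action and parameter names in the sample lines are placeholders, not the plugin's real endpoint.

```python
"""Added detection example for CVE-2024-12885 indicators (not the page's or
the plugin's code). Input: JSON-lines request logs with an assumed schema."""
import json
import re
from typing import Optional
from urllib.parse import parse_qs, unquote

# A ".." path segment, checked after separators are unified to "/".
TRAVERSAL = re.compile(r'(?:^|/)\.\.(?:/|$)')

def normalize(value: str, rounds: int = 3) -> str:
    """Undo up to `rounds` layers of percent-encoding and unify separators."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace('\\', '/')

def analyze_request(rec: dict) -> Optional[dict]:
    """Return a finding for a POST to admin-ajax.php whose body names a
    Connections-related action and carries a traversal sequence, else None."""
    if rec.get('method', '').upper() != 'POST':
        return None
    if rec.get('uri', '').split('?', 1)[0] != '/wp-admin/admin-ajax.php':
        return None
    params = parse_qs(rec.get('post_data', ''), keep_blank_values=True)
    action = params.get('action', [''])[0]
    # The page's indicator is an action "related to connections"; real action
    # names must be confirmed against the installed plugin version.
    if 'connections' not in normalize(action).lower():
        return None
    for name, values in params.items():
        for raw in values:
            decoded = normalize(raw)
            if TRAVERSAL.search(decoded):
                return {
                    'user': rec.get('user', '-'),
                    'src_ip': rec.get('src_ip', '-'),
                    'action': action,
                    'param': name,
                    'decoded': decoded,
                    # parse_qs already removed one encoding layer; anything
                    # left means the client double-encoded to evade matching.
                    'double_encoded': unquote(raw) != raw,
                }
    return None

def scan(lines) -> list:
    """Parse JSON-lines records and collect findings."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        finding = analyze_request(json.loads(line))
        if finding:
            findings.append(finding)
    return findings

# Constructed sample records (assumed schema; names are placeholders).
SAMPLE_LOG = [
    # benign plugin search from a non-admin: Connections action, no traversal
    '{"ts":"2024-12-20T10:01:02Z","src_ip":"203.0.113.10","user":"editor1","method":"POST",'
    '"uri":"/wp-admin/admin-ajax.php","status":200,"post_data":"action=connections_search&term=smith"}',
    # admin POST with a single-encoded traversal in a path parameter
    '{"ts":"2024-12-20T10:05:44Z","src_ip":"198.51.100.7","user":"admin","method":"POST",'
    '"uri":"/wp-admin/admin-ajax.php","status":200,'
    '"post_data":"action=connections_example&path=..%2F..%2F..%2Fwp-content%2Fuploads"}',
    # same shape, double-encoded to slip past a naive substring match
    '{"ts":"2024-12-20T10:06:10Z","src_ip":"198.51.100.7","user":"admin","method":"POST",'
    '"uri":"/wp-admin/admin-ajax.php","status":200,'
    '"post_data":"action=connections_example&path=%252e%252e%252f%252e%252e%252fwp-includes"}',
    # traversal-looking GET on an unrelated path: outside this rule's scope
    '{"ts":"2024-12-20T10:07:00Z","src_ip":"192.0.2.5","user":"-","method":"GET",'
    '"uri":"/wp-content/uploads/../readme.html","status":404,"post_data":""}',
]

if __name__ == '__main__':
    for f in scan(SAMPLE_LOG):
        print(f"ALERT user={f['user']} src={f['src_ip']} action={f['action']} "
              f"{f['param']}={f['decoded']!r} double_encoded={f['double_encoded']}")
```

Running the module prints two alerts, both for the `admin` user from 198.51.100.7, and the second is flagged as double-encoded; the benign search and the unrelated GET produce nothing. Feed real records by replacing SAMPLE_LOG with lines read from your request-logging layer, and pivot on `user` and `src_ip` to correlate with the admin-action audit logs listed above.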