CVE-2024-13567

7.5 HIGH

📋 TL;DR

This vulnerability allows unauthenticated attackers to access sensitive files stored in the upload directory of the Awesome Support WordPress plugin. All WordPress sites running Awesome Support versions up to and including 6.3.1 are affected, potentially exposing support ticket attachments and other sensitive data.

💻 Affected Systems

Products:
  • Awesome Support – WordPress HelpDesk & Support Plugin
Versions: All versions up to and including 6.3.1
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability affects the default configuration. Version 6.3.1 contains a partial patch but is still vulnerable.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers download all support ticket attachments containing sensitive customer information, PII, credentials, or proprietary business data, leading to data breach and regulatory violations.

🟠 Likely Case

Attackers systematically download accessible files from the upload directory, collecting sensitive information from support tickets that could be used for phishing, fraud, or further attacks.

🟢 If Mitigated

With proper access controls and monitoring, unauthorized access attempts are detected and blocked before significant data exfiltration occurs.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only web access to the vulnerable directory path. No authentication or special tools needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 6.3.1

Vendor Advisory: https://plugins.trac.wordpress.org/browser/awesome-support/trunk/includes/file-uploader/class-file-uploader.php

Restart Required: No

Instructions:

  1. Update the Awesome Support plugin to the latest version via the WordPress admin panel.
  2. Verify that the update completed successfully.
  3. Test that the /wp-content/uploads/awesome-support directory is no longer publicly accessible.

🔧 Temporary Workarounds

Restrict directory access via .htaccess (Linux / Apache)

Block public access to the vulnerable directory using Apache .htaccess rules. 'Deny from all' is Apache 2.2 syntax and only works on Apache 2.4 when mod_access_compat is loaded, so the file written below carries both forms (this requires that AllowOverride permits .htaccess files in that path):

# Apache 2.4 uses mod_authz_core ('Require all denied'); the second block is the 2.2 / mod_access_compat fallback
printf '<IfModule mod_authz_core.c>\n  Require all denied\n</IfModule>\n<IfModule !mod_authz_core.c>\n  Deny from all\n</IfModule>\n' > /path/to/wp-content/uploads/awesome-support/.htaccess

Restrict directory access via web.config (Windows / IIS)

Block public access to the vulnerable directory using IIS web.config rules:

Add <authorization><deny users="*" /></authorization> under <system.web> in a web.config placed in the awesome-support directory. This ASP.NET rule only governs requests handled by the managed pipeline, so confirm with the verification step below that a direct request for a file in the directory is actually refused.

🧯 If You Can't Patch

  • Implement web application firewall rules to block access to /wp-content/uploads/awesome-support/* paths
  • Move sensitive files out of the awesome-support directory and restrict access to the directory

🔍 How to Verify

Check if Vulnerable:

Attempt to access http://yoursite.com/wp-content/uploads/awesome-support/anyfile.txt without authentication. If the file is served, the site is vulnerable.

Check Version:

Check WordPress admin panel > Plugins > Awesome Support version, or examine wp-content/plugins/awesome-support/readme.txt

Verify Fix Applied:

Attempt the same access after patching or updating; you should receive a 403 Forbidden or similar access-denied error.

📡 Detection & Monitoring

Log Indicators:

  • Multiple 200 OK responses to /wp-content/uploads/awesome-support/* paths from unauthenticated users
  • Unusual file download patterns from the awesome-support directory

Network Indicators:

  • HTTP GET requests to awesome-support directory paths from external IPs
  • Large data transfers from /wp-content/uploads/awesome-support/

SIEM Query:

source="web_server" AND (uri_path="/wp-content/uploads/awesome-support/*" OR uri_path CONTAINS "awesome-support") AND http_status=200 AND user_agent NOT IN ["bot","crawler"]
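The log indicators and SIEM query above, as an added example that is not part of this advisory: a Python script that applies the same logic offline to constructed Apache/nginx combined-format access-log lines. The path prefix, status code and bot markers come from this page; the per-IP threshold of three downloads is an assumption.

```python
import re
from collections import Counter

# Apache/nginx "combined" access-log format:
# ip ident user [timestamp] "METHOD path PROTO" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-) "[^"]*" "(?P<ua>[^"]*)"'
)

UPLOAD_PREFIX = "/wp-content/uploads/awesome-support/"
BOT_MARKERS = ("bot", "crawler", "spider")  # case-insensitive substring match on the UA

def parse_line(line):
    """Return a dict for one log line, or None if it is not in combined format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])
    return rec

def is_attachment_download(rec):
    """Mirror the SIEM query: successful GET under the attachment directory, not from a
    self-declared crawler. A spoofed crawler UA slips past this, so treat the bot filter
    as noise reduction, never as an allow-list."""
    path = rec["path"].split("?", 1)[0]
    return (rec["method"] == "GET" and path.startswith(UPLOAD_PREFIX)
            and rec["status"] == 200
            and not any(b in rec["ua"].lower() for b in BOT_MARKERS))

def summarize(lines, threshold=3):
    """Map source IP -> (download count, bytes served) for IPs at or above the
    threshold, i.e. the 'multiple 200 OK responses' indicator (threshold is assumed)."""
    hits, volume = Counter(), Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and is_attachment_download(rec):
            hits[rec["ip"]] += 1
            volume[rec["ip"]] += rec["bytes"]
    return {ip: (n, volume[ip]) for ip, n in hits.items() if n >= threshold}

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.9 - - [10/Jan/2025:10:00:01 +0000] "GET /wp-content/uploads/awesome-support/ticket-1.pdf HTTP/1.1" 200 52311 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Jan/2025:10:00:02 +0000] "GET /wp-content/uploads/awesome-support/ticket-2.pdf HTTP/1.1" 200 48122 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Jan/2025:10:00:03 +0000] "GET /wp-content/uploads/awesome-support/ticket-3.zip HTTP/1.1" 200 901233 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Jan/2025:10:05:00 +0000] "GET /wp-content/uploads/awesome-support/ticket-1.pdf HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Jan/2025:10:06:00 +0000] "GET /wp-content/uploads/awesome-support/ticket-1.pdf HTTP/1.1" 200 52311 "-" "Googlebot/2.1"',
]
```

Running summarize(SAMPLE_LOG) flags only 203.0.113.9 (three successful downloads, about 1 MB served); the 403 line shows what the log looks like once the fix is applied.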
