CVE-2024-31115
📋 TL;DR
This vulnerability allows attackers to upload arbitrary files to WordPress sites running the Chauffeur Taxi Booking System plugin. Attackers can upload malicious files like PHP webshells, leading to complete system compromise. All WordPress sites using affected versions of this plugin are vulnerable.
💻 Affected Systems
- QuanticaLabs Chauffeur Taxi Booking System for WordPress
⚠️ Manual Verification Required
The NVD entry for this CVE carries no version range, so scanners keyed to NVD data cannot tell whether a given install is affected.
Why? The vendor/NVD record does not state which versions are vulnerable. The fix and verification sections below use 7.3 as the first patched release; note that the Patchstack advisory cited in the references describes the issue against plugin version 6.9, so confirm the exact fixed version against the vendor's changelog before relying on a version comparison alone.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete server takeover via remote code execution, data theft, defacement, and malware distribution.
Likely Case
Website defacement, backdoor installation, credential theft, and data exfiltration.
If Mitigated
Limited impact if file uploads are restricted at web server level or WAF blocks malicious uploads.
🎯 Exploit Status
Exploitation is a single crafted HTTP POST request carrying a malicious file (for example a PHP webshell) to the plugin's upload handler; no special tooling is required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 7.3 or later
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Chauffeur Taxi Booking System.
4. Click 'Update Now' if an update is available.
5. If no update is available, deactivate and delete the plugin immediately.
🔧 Temporary Workarounds
Disable Plugin
Platform: all
Deactivate and remove the vulnerable plugin
Web Server File Upload Restrictions
Platform: Linux
Configure the web server to refuse to execute PHP (including alias extensions such as .phtml and .php5) under the WordPress uploads directory. This does not stop the upload itself; it stops the uploaded file from running, which is what turns an arbitrary upload into code execution.
# For Apache: add to .htaccess in wp-content/uploads/ (the directory's AllowOverride must permit it)
<FilesMatch "\.(php|phtml|php[0-9])$">
    # Apache 2.4 and later
    Require all denied
    # Apache 2.2 (use these two lines instead of "Require all denied")
    # Order Deny,Allow
    # Deny from all
</FilesMatch>
# For Nginx: add to the server block BEFORE the generic "location ~ \.php$" block.
# Regex locations are evaluated in order of appearance and the first match wins,
# so placing this after the PHP handler location would leave it ineffective.
location ~* ^/wp-content/uploads/.*\.(php|phtml|php[0-9])$ {
    deny all;
}
🧯 If You Can't Patch
- Immediately disable the Chauffeur Taxi Booking System plugin
- Implement web application firewall (WAF) rules to block file uploads to vulnerable endpoints
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Installed Plugins for Chauffeur Taxi Booking System version 7.2 or earlier
Check Version:
# Check via WordPress CLI
wp plugin list --name='chauffeur-booking-system' --field=version
Verify Fix Applied:
Verify plugin version is 7.3 or later, or confirm plugin is deactivated/removed
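The version check above can be scripted against the plugin's main file, which carries the standard WordPress plugin header. The following is an added example, not code from the advisory or from QuanticaLabs: it extracts the "Version:" header line, compares it numerically against the 7.3 fixed release stated above (so 7.10 is correctly treated as newer than 7.3), and returns a verdict. The sample header is constructed for illustration.

```python
import re
from typing import Optional, Tuple

FIXED_VERSION = "7.3"  # first patched release per the Fix section above

# Matches the "Version:" line of a standard WordPress plugin header comment.
HEADER_RE = re.compile(r"^\s*\*?\s*Version:\s*([0-9][\w.\-]*)\s*$", re.MULTILINE)


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '7.2.1' into (7, 2, 1) so the comparison is numeric, not lexical."""
    nums = []
    for part in re.split(r"[.\-]", v):
        m = re.match(r"\d+", part)
        nums.append(int(m.group()) if m else 0)
    return tuple(nums)


def compare(a: str, b: str) -> int:
    """Return -1, 0 or 1 as version a is below, equal to or above version b."""
    pa, pb = parse_version(a), parse_version(b)
    n = max(len(pa), len(pb))
    pa += (0,) * (n - len(pa))
    pb += (0,) * (n - len(pb))
    return (pa > pb) - (pa < pb)


def version_from_header(text: str) -> Optional[str]:
    """Pull the declared version out of the plugin main file's header block."""
    m = HEADER_RE.search(text)
    return m.group(1) if m else None


def is_vulnerable(version: str) -> bool:
    """Anything below the fixed release is treated as affected."""
    return compare(version, FIXED_VERSION) < 0


def assess_plugin(plugin_main_file_text: str) -> str:
    """Give a human-readable verdict for the plugin file contents."""
    v = version_from_header(plugin_main_file_text)
    if v is None:
        return "unknown: no Version header found, verify manually"
    if is_vulnerable(v):
        return f"VULNERABLE: version {v} is below {FIXED_VERSION}"
    return f"ok: version {v} is {FIXED_VERSION} or later"


# Constructed sample header, shaped like a real plugin main file (not a real file from the plugin).
SAMPLE_HEADER = """<?php
/*
Plugin Name: Chauffeur Taxi Booking System for WordPress
Version: 7.2
Author: QuanticaLabs
*/
"""

if __name__ == "__main__":
    # On a live host you would read wp-content/plugins/<slug>/<main-file>.php instead.
    print(assess_plugin(SAMPLE_HEADER))
```

Run it against the real plugin main file (the slug in the Patchstack reference is chauffeur-booking-system) rather than trusting the version shown in the admin UI, which can lag behind a partially applied update.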
📡 Detection & Monitoring
Log Indicators:
- HTTP POST requests to /wp-content/plugins/chauffeur-booking-system/ upload endpoints
- File uploads with .php, .phtml, .php5 extensions to upload directories
- Unusual file creation in wp-content/uploads/
Network Indicators:
- POST requests with file uploads to plugin-specific endpoints
- Subsequent requests to newly uploaded PHP files
SIEM Query:
source="web_server" AND ((method="POST" AND uri_path="/wp-content/plugins/chauffeur-booking-system/*") OR (uri_path="/wp-content/uploads/*" AND (uri_path="*.php" OR uri_path="*.phtml" OR uri_path="*.php5")))
The strongest signal is the pair: a POST to the plugin path followed, from the same client IP, by a request for a .php file under wp-content/uploads/. Group results by client IP and review that sequence first; a lone hit on either clause is noisier.
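The log indicators and SIEM query above can also be applied directly to an access log. Here is an added example, not code from the advisory, that parses combined-format Apache/Nginx log lines, flags POSTs to the plugin path and any PHP-extension request under wp-content/uploads/, and then correlates the two per client IP to surface the upload-then-execute chain. The log lines are constructed for illustration; in particular the upload.php endpoint name inside the plugin path is made up, since the advisory does not name the vulnerable endpoint.

```python
import re
from collections import defaultdict
from datetime import datetime
from typing import Dict, List, Optional

PLUGIN_PATH = "/wp-content/plugins/chauffeur-booking-system/"  # slug taken from the Patchstack URL
UPLOADS_PATH = "/wp-content/uploads/"
# PHP and its common alias extensions, followed by end of path, a query string or a path separator.
PHP_EXT_RE = re.compile(r"\.(php|phtml|php\d)(?:$|[?/])", re.IGNORECASE)

# Apache/Nginx "combined" access-log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ "[^"]*" "[^"]*"$'
)


def parse_line(line: str) -> Optional[dict]:
    """Parse one combined-format line; return None for anything that does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    d = m.groupdict()
    d["ts"] = datetime.strptime(d["ts"], "%d/%b/%Y:%H:%M:%S %z")
    d["status"] = int(d["status"])
    return d


def classify(req: dict) -> Optional[str]:
    """Map a request to one of the advisory's log indicators, or None."""
    if req["method"] == "POST" and req["path"].startswith(PLUGIN_PATH):
        return "plugin_upload_post"
    if req["path"].startswith(UPLOADS_PATH) and PHP_EXT_RE.search(req["path"]):
        return "php_in_uploads"
    return None


def hunt(lines: List[str]) -> Dict[str, list]:
    """Return flagged requests per indicator plus the correlated upload-then-execute chain.

    Lines are assumed to be in chronological order, as an access log normally is.
    """
    findings: Dict[str, list] = {"plugin_upload_post": [], "php_in_uploads": [], "webshell_chain": []}
    posts_by_ip = defaultdict(list)  # ip -> timestamps of POSTs to the plugin path
    for line in lines:
        req = parse_line(line)
        if req is None:
            continue
        kind = classify(req)
        if kind is None:
            continue
        findings[kind].append(req)
        if kind == "plugin_upload_post":
            posts_by_ip[req["ip"]].append(req["ts"])
        elif any(t <= req["ts"] for t in posts_by_ip[req["ip"]]):
            # Same client posted to the plugin earlier and is now requesting PHP under uploads.
            findings["webshell_chain"].append(req)
    return findings


# Constructed sample log (not real traffic); IPs are from documentation ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Apr/2024:13:01:02 +0000] "GET /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Apr/2024:13:01:10 +0000] "POST /wp-content/plugins/chauffeur-booking-system/upload.php HTTP/1.1" 200 55 "-" "python-requests/2.31"',
    '203.0.113.7 - - [10/Apr/2024:13:01:15 +0000] "GET /wp-content/uploads/2024/04/shell.php?cmd=id HTTP/1.1" 200 320 "-" "python-requests/2.31"',
    '198.51.100.4 - - [10/Apr/2024:13:02:00 +0000] "GET /wp-content/uploads/2024/04/logo.png HTTP/1.1" 200 9800 "https://example.test/" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Apr/2024:13:03:00 +0000] "GET /wp-content/uploads/2024/04/cache.phtml HTTP/1.1" 404 200 "-" "curl/8.0"',
]

if __name__ == "__main__":
    for kind, reqs in hunt(SAMPLE_LOG).items():
        for r in reqs:
            print(f"{kind:20} {r['ip']:15} {r['ts'].isoformat()} {r['method']} {r['path']} {r['status']}")
```

A 404 on a PHP request under uploads (the last sample line) is still worth keeping: it may be a probe for a shell that the web server restriction above already blocks, or one that was cleaned up, and either way it identifies a client to look at more closely.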
🔗 References
- https://patchstack.com/database/vulnerability/chauffeur-booking-system/wordpress-chauffeur-taxi-booking-system-for-wordpress-plugin-6-9-arbitrary-file-upload-vulnerability?_s_id=cve