CVE-2024-31343

7.5 HIGH

📋 TL;DR

This CVE describes a Missing Authorization vulnerability in the Sonaar Music MP3 Audio Player WordPress plugin that allows unauthenticated attackers to download arbitrary files from the server. It affects all WordPress sites running the plugin from any version up to and including 4.10.1.

💻 Affected Systems

Products:
  • MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin
Versions: n/a through 4.10.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with the vulnerable plugin version, regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could download sensitive files like wp-config.php containing database credentials, potentially leading to complete site compromise and data exfiltration.

🟠 Likely Case

Unauthenticated attackers downloading configuration files, source code, or other sensitive files from vulnerable WordPress installations.

🟢 If Mitigated

With proper file permissions and web server restrictions, impact would be limited to publicly accessible files only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability is simple to exploit and public exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.10.2 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/mp3-music-player-by-sonaar/wordpress-mp3-audio-player-for-music-radio-podcast-by-sonaar-plugin-4-10-1-arbitrary-file-download-vulnerability

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins.
3. Find 'MP3 Audio Player for Music, Radio & Podcast by Sonaar'.
4. Click 'Update Now' or manually update to version 4.10.2+.
5. Verify the update completed successfully.

🔧 Temporary Workarounds

Disable Plugin

Platform: all

Temporarily disable the vulnerable plugin until patching is possible

wp plugin deactivate mp3-music-player-by-sonaar

Restrict Access via .htaccess

Platform: linux

Block direct access to plugin files via web server configuration. Place this in the plugin's own directory (wp-content/plugins/mp3-music-player-by-sonaar/.htaccess), not the site root: at the root it would deny every PHP file, including WordPress itself.

<FilesMatch "\.(php|inc|txt|sql)$">
  Order Allow,Deny
  Deny from all
</FilesMatch>

🧯 If You Can't Patch

  • Remove the plugin completely from the WordPress installation
  • Implement strict file permissions and disable directory listing on the web server

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > MP3 Audio Player for Music, Radio & Podcast by Sonaar version

Check Version:

wp plugin get mp3-music-player-by-sonaar --field=version

Verify Fix Applied:

Verify plugin version is 4.10.2 or higher in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns to plugin directories
  • HTTP requests to plugin endpoints with file path parameters

Network Indicators:

  • HTTP requests containing 'download' or file path traversal patterns to plugin endpoints

SIEM Query:

web_access_logs WHERE uri CONTAINS '/wp-content/plugins/mp3-music-player-by-sonaar/' AND (uri CONTAINS 'download' OR uri CONTAINS '../')
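As an added example (not part of this advisory), a small Python scanner that applies the same predicate as the SIEM query above to Apache combined-format access-log lines; it additionally percent-decodes the URI so encoded traversal such as `..%2F` is not missed. The log lines, client addresses and the endpoint filename in them are constructed placeholders, not the plugin's real paths.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (Apache combined format), not real traffic.
# "sample-handler.php" is a placeholder name, not an actual file in the plugin.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Apr/2024:12:00:01 +0000] "GET /wp-content/plugins/mp3-music-player-by-sonaar/assets/player.js HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [10/Apr/2024:12:00:02 +0000] "GET /wp-content/plugins/mp3-music-player-by-sonaar/sample-handler.php?file=../../../wp-config.php HTTP/1.1" 200 3210 "-" "curl/8.0"
203.0.113.12 - - [10/Apr/2024:12:00:03 +0000] "GET /wp-content/plugins/mp3-music-player-by-sonaar/sample-handler.php?file=..%2F..%2Fwp-config.php HTTP/1.1" 403 0 "-" "python-requests/2.31"
203.0.113.13 - - [10/Apr/2024:12:00:04 +0000] "GET /wp-admin/admin.php?page=sonaar-download HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method, URI, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) \S+" (?P<status>\d{3}) '
)

PLUGIN_PATH = "/wp-content/plugins/mp3-music-player-by-sonaar/"


def is_suspicious(uri: str) -> bool:
    """Same predicate as the SIEM query: plugin path AND ('download' OR '../').

    The URI is percent-decoded twice so single- and double-encoded traversal
    ("%2e%2e%2f", "%252e%252e") is normalised before matching.
    """
    decoded = unquote(unquote(uri)).lower()
    if PLUGIN_PATH not in decoded:
        return False
    return "download" in decoded or "../" in decoded


def scan_log(text: str) -> list[dict]:
    """Return one record per matching request; malformed lines are skipped."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        if is_suspicious(m["uri"]):
            status = int(m["status"])
            hits.append({
                "ip": m["ip"], "ts": m["ts"], "uri": m["uri"], "status": status,
                # A 2xx on a traversal request suggests the download succeeded;
                # 403/404 usually means the web server or a WAF blocked it.
                "likely_success": 200 <= status < 300,
            })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Requests that mention "download" outside the plugin path (the fourth sample line) are deliberately not flagged, which keeps the rule from firing on ordinary admin traffic.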
