CVE-2024-32086
📋 TL;DR
This vulnerability allows unauthenticated attackers to access sensitive user and post data in the Citadela Listing WordPress plugin. It affects all WordPress sites running Citadela Listing versions up to 5.18.1. The exposure occurs without requiring any authentication.
💻 Affected Systems
- AitThemes Citadela Listing WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could exfiltrate all user data (including potentially sensitive information) and all post content from the directory, leading to data breach, privacy violations, and regulatory compliance issues.
Likely Case
Attackers harvest user information (usernames, emails, other profile data) and listing content for spam, phishing, or reconnaissance purposes.
If Mitigated
With proper network segmentation and access controls, the impact is limited to data exposure within the WordPress environment, but sensitive information remains at risk.
🎯 Exploit Status
The vulnerability requires no authentication and has publicly available technical details, making exploitation trivial.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.18.2 or later
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Citadela Listing and click 'Update Now'.
4. Verify the plugin version is 5.18.2 or higher.
🔧 Temporary Workarounds
Disable Plugin
Temporarily disable the Citadela Listing plugin until patched.
wp plugin deactivate citadela-directory
Restrict Access
Use web application firewall (WAF) rules to block unauthenticated access to vulnerable endpoints.
🧯 If You Can't Patch
- Implement strict network access controls to limit who can reach the WordPress instance.
- Deploy a web application firewall (WAF) with rules specifically blocking exploitation attempts for this vulnerability.
🔍 How to Verify
Check if Vulnerable:
Check the plugin version in WordPress admin under Plugins > Installed Plugins. If the version is 5.18.1 or lower, the site is vulnerable.
Check Version:
wp plugin get citadela-directory --field=version
Verify Fix Applied:
Confirm the plugin version is 5.18.2 or higher in the WordPress admin plugins page.
📡 Detection & Monitoring
Log Indicators:
- Unusual volume of requests to Citadela Listing API endpoints from unauthenticated users
- Requests to user data or post listing endpoints without authentication headers
Network Indicators:
- HTTP requests to /wp-json/citadela-directory/v1/ endpoints without authentication
- Patterns of data extraction from listing endpoints
SIEM Query:
source="wordpress" AND (uri_path="/wp-json/citadela-directory/v1/*" AND NOT user_authenticated=true)
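The SIEM query above as offline detection logic, added here as an example and not part of the advisory. It assumes access events have already been exported as JSON lines carrying the same fields the query uses (uri_path, user_authenticated) plus remote_addr; the sample lines are constructed.

```python
import json
from collections import Counter

# Added example, not from the advisory. Assumes access events exported as JSON
# lines with the fields the SIEM query uses (uri_path, user_authenticated) plus
# remote_addr for aggregation. The namespace is the one named in the advisory.
VULN_PREFIX = "/wp-json/citadela-directory/v1/"

# Constructed sample events (hypothetical addresses and paths, not real traffic).
SAMPLE_LOG = """
{"remote_addr": "203.0.113.7", "uri_path": "/wp-json/citadela-directory/v1/items", "user_authenticated": false}
{"remote_addr": "203.0.113.7", "uri_path": "/wp-json/citadela-directory/v1/items?page=2", "user_authenticated": false}
{"remote_addr": "203.0.113.7", "uri_path": "/wp-json/citadela-directory/v1/users", "user_authenticated": false}
{"remote_addr": "198.51.100.9", "uri_path": "/wp-json/citadela-directory/v1/items", "user_authenticated": true}
{"remote_addr": "198.51.100.9", "uri_path": "/wp-json/wp/v2/posts", "user_authenticated": false}
{"remote_addr": "192.0.2.4", "uri_path": "/wp-json/citadela-directory/v1/items", "user_authenticated": false}
not valid json
"""

def is_suspect(event: dict) -> bool:
    """True for an unauthenticated hit on the vulnerable namespace; mirrors
    uri_path="/wp-json/citadela-directory/v1/*" AND NOT user_authenticated=true."""
    path = str(event.get("uri_path", "")).split("?", 1)[0]  # match without the query string
    return path.startswith(VULN_PREFIX) and event.get("user_authenticated") is not True

def unauth_hits_by_ip(log_text: str) -> Counter:
    """Count suspect events per source address; blank or malformed lines are skipped."""
    hits = Counter()
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(event, dict) and is_suspect(event):
            hits[event.get("remote_addr", "unknown")] += 1
    return hits

def alert_sources(log_text: str, threshold: int = 2) -> list:
    """Addresses whose unauthenticated hit count reaches the threshold, which
    approximates the advisory's 'unusual volume' log indicator."""
    return sorted(ip for ip, n in unauth_hits_by_ip(log_text).items() if n >= threshold)

if __name__ == "__main__":
    for ip, n in unauth_hits_by_ip(SAMPLE_LOG).most_common():
        print(f"{ip}: {n} unauthenticated request(s) under {VULN_PREFIX}")
    print("alert on:", alert_sources(SAMPLE_LOG))
```

A plain web server access log does not carry the user_authenticated flag, so this field has to be produced on the WordPress side (for example by a logging plugin) before the check is meaningful.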
🔗 References
- https://patchstack.com/database/vulnerability/citadela-directory/wordpress-citadela-listing-plugin-5-18-1-unauthenticated-sensitive-data-users-posts-exposure-vulnerability?_s_id=cve