CVE-2024-34554

8.5 HIGH

📋 TL;DR

This is a path traversal vulnerability in the Stockholm Core WordPress plugin that enables PHP local file inclusion: an attacker can make the plugin include files from outside its intended directory. Attackers can potentially read sensitive files or execute arbitrary code on affected WordPress sites. All WordPress installations using vulnerable versions of Stockholm Core are affected.

💻 Affected Systems

Products:
  • Select-Themes Stockholm Core WordPress Plugin
Versions: All versions up to and including 2.4.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Stockholm Core plugin active.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full server compromise through remote code execution, data exfiltration, and complete site takeover.

🟠 Likely Case

Sensitive file disclosure (configuration files, database credentials) and limited code execution within WordPress context.

🟢 If Mitigated

Attack blocked at web application firewall level with no successful exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal vulnerabilities are commonly exploited with simple HTTP requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.4.2 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/stockholm-core/wordpress-stockholm-core-plugin-2-4-1-local-file-inclusion-vulnerability

Restart Required: No

Instructions:

1. Log into WordPress admin panel.
2. Navigate to Plugins.
3. Find Stockholm Core plugin.
4. Click 'Update Now' if available.
5. Alternatively, download version 2.4.2+ from WordPress repository and manually update.

🔧 Temporary Workarounds

Web Application Firewall Rule (platform: all)

Block path traversal patterns in HTTP requests. WAF-specific configuration required.

Disable Plugin (platform: linux)

Temporarily disable the Stockholm Core plugin until patched:

wp plugin deactivate stockholm-core

🧯 If You Can't Patch

  • Implement strict file permission controls on web server
  • Deploy web application firewall with path traversal detection

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Stockholm Core version

Check Version:

wp plugin get stockholm-core --field=version

Verify Fix Applied:

Confirm Stockholm Core version is 2.4.2 or higher
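The version check above is easy to get wrong with a plain string comparison ("2.4.10" sorts before "2.4.2" lexicographically). The following is an added example, not part of the advisory or the plugin's own tooling: it compares the installed version numerically against the first fixed release 2.4.2, and wraps the `wp plugin get stockholm-core --field=version` command shown above. The `installed_version` helper and the handling of a `v` prefix or pre-release suffix are assumptions.

```python
import re
import subprocess
from typing import Tuple

# First release that contains the fix, per the advisory.
FIXED_VERSION = "2.4.2"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '2.4.1', 'v2.4.10' or '2.4.2-beta1' into a tuple of ints.

    Only the leading dotted numeric part is compared; a pre-release suffix is
    dropped (assumption: the plugin ships plain dotted release numbers).
    """
    m = re.match(r"v?(\d+(?:\.\d+)*)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_fixed(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is fixed (>= 2.4.2), using numeric
    component-wise comparison so that 2.4.10 is correctly newer than 2.4.2."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))   # treat '2.4' as '2.4.0'
    b += (0,) * (width - len(b))
    return a >= b


def installed_version() -> str:
    """Hypothetical wrapper: read the active plugin version via wp-cli.
    Requires wp-cli on PATH and must run from the WordPress root."""
    result = subprocess.run(
        ["wp", "plugin", "get", "stockholm-core", "--field=version"],
        capture_output=True, text=True, check=True,
    )
    return result.stdout.strip()


if __name__ == "__main__":
    current = installed_version()
    state = "FIXED" if is_fixed(current) else "VULNERABLE"
    print(f"Stockholm Core {current}: {state} (fixed in {FIXED_VERSION})")
```

Run it from the WordPress root on the host; a non-zero exit from wp-cli (plugin not installed, wrong directory) raises `CalledProcessError` rather than silently reporting a safe state.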

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests with '../' sequences
  • Unusual file access patterns in web logs
  • Requests to unexpected PHP files

Network Indicators:

  • HTTP requests containing path traversal sequences
  • Unusual file inclusion attempts

SIEM Query:

web_access_logs WHERE url CONTAINS '../' OR url CONTAINS '..%2F'
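The SIEM pseudo-query above matches only the two literal spellings `../` and `..%2F`; lower-case `%2f`, fully encoded `%2e%2e%2f` and double-encoded `%252e%252e%252f` slip past it, while an innocent `..` inside a search term triggers it. The script below is an added example (not part of the advisory) that applies the same log indicator over constructed combined-format access log lines: it decodes percent-encoding repeatedly before matching, and only flags a `..` that forms a path segment. The sample IPs, URLs and the `template` parameter name are made up for illustration and do not describe the plugin's real endpoints.

```python
import re
from typing import Dict, List
from urllib.parse import unquote

# Constructed sample lines in Apache/Nginx combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jun/2024:12:00:01 +0000] "GET /index.php?template=../../../../wp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.5 - - [10/Jun/2024:12:00:02 +0000] "GET /index.php?template=..%2F..%2Fwp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.5 - - [10/Jun/2024:12:00:03 +0000] "GET /index.php?template=%252e%252e%252fwp-config.php HTTP/1.1" 404 0 "-" "curl/8.0"
198.51.100.7 - - [10/Jun/2024:12:00:04 +0000] "GET /wp-content/themes/stockholm/style.css HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2024:12:00:05 +0000] "GET /?s=dots..everywhere HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, request line and status from combined log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# A '..' that is not glued to a preceding word character or dot (so 'dots..everywhere'
# and '...' are ignored) and is followed by '/' or end of string: a traversal segment.
TRAVERSAL_RE = re.compile(r"(?<![\w.])\.\.(?:/|$)")


def normalise_url(url: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable (bounded) and fold backslashes to slashes,
    so single-, double- and mixed-case encodings compare the same way."""
    decoded = url
    for _ in range(max_rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")


def has_traversal(url: str) -> bool:
    """True when the decoded URL contains a '..' path segment."""
    return TRAVERSAL_RE.search(normalise_url(url)) is not None


def scan_access_log(log_text: str) -> List[Dict[str, object]]:
    """Return one record per request whose URL carries a traversal sequence."""
    hits: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        if has_traversal(m["url"]):
            hits.append({
                "ip": m["ip"],
                "ts": m["ts"],
                "status": int(m["status"]),
                "url": m["url"],
                "decoded": normalise_url(m["url"]),
            })
    return hits


if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        # A 200 on a traversal request deserves more attention than a 404.
        print(f"{hit['ip']} {hit['status']} {hit['decoded']}")
```

Feed it a real log with `scan_access_log(open(path).read())`; status 200 responses to flagged requests are the ones to escalate, since a 404 usually means the include failed. The decoding loop is bounded to three rounds so a crafted URL cannot make the scanner spin.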
