CVE-2024-34555
📋 TL;DR
This vulnerability allows attackers to upload arbitrary files to WordPress sites running the Z-Downloads plugin. Attackers can upload malicious files like PHP shells to gain remote code execution. All WordPress sites using Z-Downloads versions up to 1.11.3 are affected.
💻 Affected Systems
- WordPress Z-Downloads plugin
⚠️ Manual Verification Required
Automatic vulnerability detection cannot determine from the NVD record alone whether your site is affected: the CVE entry carries no vendor/NVD version ranges. The Patchstack advisory linked below identifies 1.11.3 and earlier as affected and 1.11.4 as the fix, so verify the installed version yourself.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete server compromise leading to data theft, ransomware deployment, or use as attack platform
Likely Case
Website defacement, malware distribution, or backdoor installation for persistent access
If Mitigated
Limited impact if file uploads are restricted by web application firewall or server configuration
🎯 Exploit Status
Simple file upload exploitation with public proof-of-concept available
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.11.4 or later
Vendor Advisory: https://patchstack.com/database/vulnerability/z-downloads/wordpress-z-downloads-plugin-1-11-3-arbitrary-file-upload-vulnerability
Restart Required: No
Instructions:
1. Log into WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find Z-Downloads and click 'Update Now'
4. Verify version is 1.11.4 or higher
🔧 Temporary Workarounds
Disable Z-Downloads plugin
Temporarily deactivate the vulnerable plugin until it can be updated (downloads served by the plugin stop working while it is off):
wp plugin deactivate z-downloads
Block PHP execution in the uploads directory via .htaccess (Apache)
This does not stop the upload itself; it stops Apache from serving or executing scripts already written under wp-content/uploads, which turns the RCE into a far less useful file write. Save it as wp-content/uploads/.htaccess. It only takes effect if AllowOverride permits it for that directory, and it does nothing on nginx, which needs an equivalent location rule that denies .php under uploads.
<FilesMatch "\.(php|php5|php7|phtml|phar)$">
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  <IfModule !mod_authz_core.c>
    Deny from all
  </IfModule>
</FilesMatch>
🧯 If You Can't Patch
- Implement web application firewall with file upload filtering
- Restrict upload directory permissions and disable script execution
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Z-Downloads version
Check Version:
wp plugin get z-downloads --field=version
Verify Fix Applied:
Confirm Z-Downloads version is 1.11.4 or higher
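The version check above is easy to get wrong when scripted across many sites, because a string comparison puts "1.9.0" after "1.11.4". The following is an added example, not code from the page or from the Z-Downloads project: it reads the installed version with WP-CLI (assumes `wp` is on PATH and the plugin slug is z-downloads, as used in the deactivate command above) and compares it numerically against the 1.11.4 fix version.

```python
"""Decide whether an installed Z-Downloads version is in the affected range (<= 1.11.3)."""
import re
import subprocess
from typing import Optional, Tuple

PLUGIN_SLUG = "z-downloads"     # assumed slug, matches the wp-cli commands on this page
FIXED_VERSION = "1.11.4"        # first patched release, per the advisory above


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '1.11.3' into (1, 11, 3). Stops at the first non-numeric piece,
    so '1.11.4-beta1' compares as (1, 11, 4)."""
    parts = []
    for piece in version.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def is_vulnerable(installed: str) -> bool:
    """Numeric comparison, not string comparison: '1.9.0' < '1.11.4' here,
    whereas as strings '1.9.0' > '1.11.4' and a naive check would miss it."""
    a, b = parse_version(installed), parse_version(FIXED_VERSION)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))   # pad so '1.11' compares as '1.11.0'
    b += (0,) * (width - len(b))
    return a < b


def installed_version(wp_path: str = ".") -> Optional[str]:
    """Read the version with WP-CLI (assumes `wp` is installed). Returns None when
    the plugin is not installed or WP-CLI is unavailable."""
    cmd = ["wp", "plugin", "get", PLUGIN_SLUG, "--field=version", f"--path={wp_path}"]
    try:
        out = subprocess.run(cmd, capture_output=True, text=True, check=True)
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None
    return out.stdout.strip() or None


def check_site(wp_path: str = ".") -> str:
    """Human-readable verdict for one WordPress install."""
    v = installed_version(wp_path)
    if v is None:
        return "Z-Downloads not installed or wp-cli unavailable"
    if is_vulnerable(v):
        return f"{v}: VULNERABLE, update to {FIXED_VERSION} or later"
    return f"{v}: patched"


if __name__ == "__main__":
    import sys
    # Usage: python check_zdownloads.py /var/www/site1 /var/www/site2
    for path in sys.argv[1:] or ["."]:
        print(path, "->", check_site(path))
```

Run it with one or more WordPress root paths; each site gets a one-line verdict. Treat a "not installed or wp-cli unavailable" result as unknown rather than safe, and confirm in the admin panel.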
📡 Detection & Monitoring
Log Indicators:
- Unusual file uploads to wp-content/uploads/z-downloads/
- POST requests to the plugin's upload handler (upload.php), followed by requests for newly created .php files under wp-content/uploads/. A standard access log records the request path but not the multipart filename, so the follow-up GET for the dropped script is usually the visible indicator.
Network Indicators:
- HTTP POST requests with file uploads to Z-Downloads endpoints
- Unexpected outbound connections after file upload
SIEM Query (assumes a WAF or upload log that exposes a file_extension field; a plain access log only matches the first clause):
source="web.log" (uri_path="*z-downloads*" AND method="POST") AND (file_extension="php" OR file_extension="phtml")
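Where only the web server's access log is available, the detection has to correlate instead of looking for an upload filename. The following is an added example, not code from the page or from the Z-Downloads project: it parses Apache combined-format lines, remembers which client IPs have POSTed to any URI containing "z-downloads" (the same filter as the SIEM query above), and raises a high-severity alert when such a client then successfully requests a script file under /wp-content/uploads/. Any script request under uploads is flagged at medium severity regardless, since that directory should never serve PHP. The log lines and the /wp-content/plugins/z-downloads/upload.php endpoint path are constructed for the example, not taken from the plugin.

```python
"""Correlate Z-Downloads upload POSTs with later requests for PHP files under wp-content/uploads."""
import re
from pathlib import PurePosixPath
from urllib.parse import urlsplit

SCRIPT_EXTS = {".php", ".php5", ".php7", ".phtml", ".phar"}  # same list the .htaccess workaround denies
UPLOAD_DIR = "/wp-content/uploads/"

# Apache "combined" log format: ip ident user [ts] "METHOD uri proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)


def parse_line(line: str):
    """Return a dict of fields, or None for lines that are not combined-format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = urlsplit(rec["uri"]).path   # drop the query string before extension checks
    rec["status"] = int(rec["status"])
    return rec


def is_upload_post(rec) -> bool:
    """Mirror the page's SIEM filter: POST to any URI mentioning the plugin."""
    return rec["method"] == "POST" and "z-downloads" in rec["path"].lower()


def is_script_in_uploads(rec) -> bool:
    """True for requests of script-like files anywhere under the uploads tree.
    PurePosixPath.suffixes catches double-extension names such as shell.php.jpg."""
    p = rec["path"]
    if not p.startswith(UPLOAD_DIR):
        return False
    return any(s.lower() in SCRIPT_EXTS for s in PurePosixPath(p).suffixes)


def find_alerts(lines):
    """Single pass over the log in time order; returns a list of alert dicts."""
    uploaders = set()   # client IPs that have POSTed to a z-downloads endpoint so far
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if is_upload_post(rec):
            uploaders.add(rec["ip"])
        if is_script_in_uploads(rec):
            if rec["ip"] in uploaders and rec["status"] == 200:
                severity = "high"    # upload by this client, then a successful script request
            else:
                severity = "medium"  # script under uploads is always worth a look
            alerts.append({"ip": rec["ip"], "path": rec["path"],
                           "status": rec["status"], "severity": severity})
    return alerts


# Constructed sample log lines for the example; the upload.php path is hypothetical.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jun/2024:12:00:01 +0000] "GET /wp-login.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Jun/2024:12:00:09 +0000] "POST /wp-content/plugins/z-downloads/upload.php HTTP/1.1" 200 87 "-" "curl/8.0"',
    '203.0.113.7 - - [10/Jun/2024:12:00:15 +0000] "GET /wp-content/uploads/z-downloads/shell.php?cmd=id HTTP/1.1" 200 231 "-" "curl/8.0"',
    '198.51.100.20 - - [10/Jun/2024:12:01:00 +0000] "GET /wp-content/uploads/2024/06/report.pdf HTTP/1.1" 200 10240 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [10/Jun/2024:12:01:05 +0000] "GET /wp-content/uploads/2024/06/x.phtml HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```

Feed it the real access log in chronological order (for example, one file at a time from logrotate output). The "high" alert is the one to page on: an upload POST from a client followed by a 200 for a script under uploads is the pattern of a dropped web shell being invoked. The "medium" alerts catch probes for scripts that were never written, which is still useful reconnaissance signal.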