CVE-2024-35778

6.5 MEDIUM

📋 TL;DR

This CVE describes a path traversal vulnerability in the WordPress Slideshow SE plugin that allows authenticated users with author-level permissions to include local files. Attackers can read sensitive files on the server by manipulating file paths. This affects all WordPress sites running Slideshow SE plugin versions up to 2.5.17.

💻 Affected Systems

Products:
  • WordPress Slideshow SE Plugin
Versions: n/a through 2.5.17
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Slideshow SE plugin and at least one user with author-level permissions.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Author-level attackers can read sensitive server files including configuration files, password hashes, and database credentials, potentially leading to full system compromise.

🟠 Likely Case

Authenticated attackers with author privileges read sensitive files like wp-config.php to obtain database credentials and escalate privileges.

🟢 If Mitigated

With proper access controls and file permissions, impact is limited to reading non-critical files within the web directory.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires author-level WordPress credentials. Public exploit details available through security advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.5.18 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/slideshow-se/wordpress-slideshow-se-plugin-2-5-17-author-limited-local-file-inclusion-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the Slideshow SE plugin.
4. Click 'Update Now' if an update is available.
5. If no update appears, manually download version 2.5.18+ from the WordPress repository.

🔧 Temporary Workarounds

Disable Slideshow SE Plugin

all

Temporarily disable the vulnerable plugin until patched

wp plugin deactivate slideshow-se

Restrict Author Permissions

all

Review and reduce author-level user accounts to minimize attack surface

🧯 If You Can't Patch

  • Remove author-level permissions from untrusted users
  • Implement web application firewall rules to block path traversal patterns

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for Slideshow SE version

Check Version:

wp plugin get slideshow-se --field=version

Verify Fix Applied:

Verify plugin version is 2.5.18 or higher in WordPress admin

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests with '../' sequences targeting slideshow-se endpoints
  • Multiple failed file inclusion attempts from author-level accounts

Network Indicators:

  • Unusual file paths in GET/POST parameters to slideshow-se URLs

SIEM Query:

source="web_access_logs" AND uri_path="*slideshow-se*" AND (query="*../*" OR query="*..\\*" OR query="*%2e%2e%2f*")
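The SIEM query above catches literal and single-encoded traversal sequences. The following is an added example, not part of this advisory or of the Slideshow SE plugin, that applies the same log indicators to web access log lines offline and goes slightly further: it percent-decodes each request repeatedly so that double-encoded variants are caught too, and it only flags requests whose decoded path or query references slideshow-se, matching the scope of the query. The log lines are constructed, and the `file` parameter name is an assumption used for illustration (the advisory does not name the vulnerable parameter).

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed sample lines in combined access log format (not real traffic).
# The "file" parameter is a placeholder; the advisory does not name the real one.
SAMPLE_LOG = """\
203.0.113.10 - - [01/Jun/2024:10:00:01 +0000] "GET /wp-admin/admin.php?page=slideshow-se&file=gallery.php HTTP/1.1" 200 512
203.0.113.11 - - [01/Jun/2024:10:00:02 +0000] "GET /wp-admin/admin.php?page=slideshow-se&file=../../wp-config.php HTTP/1.1" 200 2048
203.0.113.12 - - [01/Jun/2024:10:00:03 +0000] "GET /wp-admin/admin.php?page=slideshow-se&file=%2e%2e%2f%2e%2e%2fwp-config.php HTTP/1.1" 200 2048
203.0.113.13 - - [01/Jun/2024:10:00:04 +0000] "GET /wp-admin/admin.php?page=slideshow-se&file=..%255c..%255cwp-config.php HTTP/1.1" 200 2048
203.0.113.14 - - [01/Jun/2024:10:00:05 +0000] "GET /wp-content/themes/x/style.css?v=../../ HTTP/1.1" 200 77
203.0.113.15 - - [01/Jun/2024:10:00:06 +0000] "POST /wp-login.php HTTP/1.1" 302 0
"""

# Extracts method and request target from the quoted request field.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Matches "../" as well as "..\" after decoding.
TRAVERSAL_RE = re.compile(r'\.\.[/\\]')


def fully_decode(s, max_rounds=3):
    """Percent-decode repeatedly so double-encoded sequences (e.g. %252e%252e%252f)
    are normalised; stop as soon as a round changes nothing."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def is_traversal_attempt(target):
    """True when the decoded request references slideshow-se and its path or
    query contains a directory traversal sequence."""
    parts = urlsplit(target)
    path = fully_decode(parts.path)
    query = fully_decode(parts.query)
    if "slideshow-se" not in path and "slideshow-se" not in query:
        return False
    return bool(TRAVERSAL_RE.search(path) or TRAVERSAL_RE.search(query))


def scan_log(text):
    """Return (client_ip, request_target) for every line that looks like a
    traversal attempt against a slideshow-se endpoint."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.search(line)
        if m is None:
            continue
        if is_traversal_attempt(m.group("target")):
            client_ip = line.split(" ", 1)[0]
            hits.append((client_ip, m.group("target")))
    return hits


if __name__ == "__main__":
    for ip, target in scan_log(SAMPLE_LOG):
        print(f"{ip} {target}")
```

Run against a real access log, the hits are the requests worth correlating with the WordPress user session that issued them, since exploitation requires an author-level account; a burst of such requests from one account matches the "multiple failed file inclusion attempts" indicator above.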
