CVE-2024-37092

8.5 HIGH

📋 TL;DR

An unauthenticated attacker can send a path-traversal sequence (e.g. `../`) in a request to the Consulting Elementor Widgets WordPress plugin and have the plugin include an arbitrary local file (local file inclusion). Depending on the file, this discloses its contents or executes any PHP code it contains. Every WordPress site running an affected version of the plugin is vulnerable; no login or user interaction is required.

💻 Affected Systems

Products:
  • StylemixThemes Consulting Elementor Widgets WordPress Plugin
Versions: All versions up to and including 1.3.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects WordPress installations with the vulnerable plugin installed and activated.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full site takeover, and potentially server compromise: the inclusion can disclose wp-config.php (database credentials and authentication salts), and because the included file is executed as PHP, an attacker who can get PHP code into any file the web server can read (an uploaded file, a log) turns the inclusion into remote code execution.

🟠

Likely Case

Disclosure of configuration files, user data and other readable files on the server, yielding credentials that enable further compromise (database access, admin takeover).

🟢

If Mitigated

Limited information disclosure if file permissions are properly configured and sensitive files are stored outside web root.

🌐 Internet-Facing: HIGH - WordPress sites are typically internet-facing and this vulnerability requires no authentication.
🏢 Internal Only: MEDIUM - Internal WordPress sites could still be compromised if an attacker gains internal network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal vulnerabilities are typically easy to exploit with publicly available tools and techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.3.1 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/consulting-elementor-widgets/wordpress-consulting-elementor-widgets-plugin-1-3-0-local-file-inclusion-vulnerability

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Consulting Elementor Widgets'.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 1.3.1 or later from the plugin's distribution source and replace the plugin directory.

🔧 Temporary Workarounds

Disable Plugin

Applies to: all

Temporarily deactivate the vulnerable plugin until it is patched (pages built with its widgets will lose those widgets while it is off):

wp plugin deactivate consulting-elementor-widgets

Web Application Firewall Rule

Applies to: all

Block path-traversal patterns in requests to the plugin's endpoints (paths under /wp-content/plugins/consulting-elementor-widgets/).

Add a WAF rule that blocks requests containing '../' sequences. The rule must match after URL decoding (ideally after two decoding passes), otherwise encoded forms such as `..%2F`, `%2e%2e/` and double-encoded `%252e%252e%252f` pass straight through. Treat this as a stopgap, not a fix: a WAF only narrows the exploitable inputs.

🧯 If You Can't Patch

  • Remove the Consulting Elementor Widgets plugin completely
  • Implement strict file permissions and move sensitive files outside web root

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin > Plugins > Installed Plugins for Consulting Elementor Widgets version 1.3.0 or earlier

Check Version:

wp plugin get consulting-elementor-widgets --field=version

Verify Fix Applied:

Verify plugin version is 1.3.1 or later in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to paths under /wp-content/plugins/consulting-elementor-widgets/ whose query string contains '../' or an encoded variant ('..%2f', '%2e%2e%2f', '%252e%252e%252f', '..\')
  • Query-string values that name sensitive files (wp-config.php, /etc/passwd) or PHP stream wrappers such as php://filter, which are common in LFI probing
  • Unusual file read attempts in web server or PHP error logs

Network Indicators:

  • Requests to plugin files with path traversal payloads, typically from a single source in quick succession (scanner behaviour)

SIEM Query:

web.url:*consulting-elementor-widgets* AND (web.url:*../* OR web.url:*..%2f* OR web.url:*%2e%2e* OR web.url:*php://*)

The bare query `web.url:*consulting* AND web.url:*../*` only catches the literal, unencoded form; decode the URL field at ingest time or add the encoded variants above.
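The following is an added example written for this advisory, not code from the plugin, the vendor or Patchstack. It shows the decode-before-match logic that both the WAF workaround above and the log indicators rely on, run over a few constructed access-log lines. The plugin URL prefix is derived from the plugin slug used by the WP-CLI commands on this page; the endpoint name `example-endpoint.php` and the parameter `file` are placeholders, because the advisory does not name the vulnerable endpoint or parameter.

```python
"""Scan web-server access logs for path-traversal / LFI probes against a plugin.

Added example for this advisory; not the plugin's or the vendor's code.
Assumes Apache/nginx combined log format. The endpoint and parameter names
in the sample lines are placeholders, not the real vulnerable endpoint.
"""
import re
from urllib.parse import unquote

# Prefix under which the plugin's files are served (from the plugin slug).
PLUGIN_PREFIX = "/wp-content/plugins/consulting-elementor-widgets/"

# Constructed sample log lines (combined format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jun/2024:10:01:02 +0000] "GET /wp-content/plugins/consulting-elementor-widgets/example-endpoint.php?file=../../../../wp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.5 - - [10/Jun/2024:10:01:03 +0000] "GET /wp-content/plugins/consulting-elementor-widgets/example-endpoint.php?file=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.5 - - [10/Jun/2024:10:01:04 +0000] "GET /wp-content/plugins/consulting-elementor-widgets/example-endpoint.php?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.5 - - [10/Jun/2024:10:01:05 +0000] "GET /wp-content/plugins/consulting-elementor-widgets/example-endpoint.php?file=php://filter/convert.base64-encode/resource=../../../wp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.7 - - [10/Jun/2024:10:02:00 +0000] "GET /wp-content/plugins/consulting-elementor-widgets/assets/css/style.css HTTP/1.1" 200 3400 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2024:10:02:01 +0000] "GET /blog/../about/ HTTP/1.1" 301 0 "-" "Mozilla/5.0"
"""

# client, ident, user, [timestamp], "METHOD target PROTO", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# ".." followed by a separator (after normalisation), and PHP stream wrappers
# that LFI probes commonly use to read source instead of executing it.
TRAVERSAL_RE = re.compile(r'(?:^|[^.])\.\.(?:/|$|[?&#])')
WRAPPER_RE = re.compile(r'(?:^|[?&=])(?:php|phar|file|data|expect|zip|glob)://')


def normalize(target, max_rounds=3):
    """Canonicalise a request target the way the application will see it.

    Percent-decodes repeatedly (so %252e%252e%252f -> %2e%2e%2f -> ../), maps
    backslash to slash and lowercases, so one pattern catches the encoded
    variants that a literal '../' substring rule misses.
    """
    out = target
    for _ in range(max_rounds):
        decoded = unquote(out)
        if decoded == out:
            break
        out = decoded
    return out.replace("\\", "/").lower()


def classify(target):
    """Return the list of LFI indicators found in one request target (empty if clean)."""
    norm = normalize(target)
    reasons = []
    if TRAVERSAL_RE.search(norm):
        reasons.append("traversal")
    if WRAPPER_RE.search(norm):
        reasons.append("stream-wrapper")
    return reasons


def scan(log_text):
    """Return (ip, status, raw_target, reasons) for plugin requests carrying an indicator.

    Traversal elsewhere on the site (e.g. /blog/../about/) is ignored here so
    the output stays focused on the vulnerable plugin's endpoints.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        target = m["target"]
        if not normalize(target).startswith(PLUGIN_PREFIX):
            continue
        reasons = classify(target)
        if reasons:
            hits.append((m["ip"], int(m["status"]), target, reasons))
    return hits


def naive_misses(log_text):
    """Count hits that a rule matching only a literal '../' in the raw URL would miss."""
    return sum(1 for _, _, target, _ in scan(log_text) if "../" not in target)


if __name__ == "__main__":
    for ip, status, target, reasons in scan(SAMPLE_LOG):
        print(f"{ip} {status} {','.join(reasons)} {target}")
    print(f"missed by literal '../' rule: {naive_misses(SAMPLE_LOG)}")
```

Feed real logs with `scan(open(path).read())`. A 200 status on a flagged request is the line to investigate first: it means the plugin answered the traversal rather than the web server rejecting it, and wp-config.php credentials should then be rotated.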
