CVE-2024-37410

4.9 MEDIUM

📋 TL;DR

This path traversal vulnerability in PowerPack Lite for Beaver Builder allows attackers to access files outside the intended directory. It affects WordPress sites using this plugin, potentially exposing sensitive server files. The vulnerability exists in versions up to 1.3.0.3.

💻 Affected Systems

Products:
  • PowerPack Lite for Beaver Builder
Versions: n/a through 1.3.0.3
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects WordPress installations with the vulnerable plugin version installed and activated.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could read sensitive server files like configuration files, password files, or source code, potentially leading to complete system compromise.

🟠 Likely Case

Unauthorized file reading of web-accessible files, potentially exposing sensitive information like database credentials or user data.

🟢 If Mitigated

Limited to reading files within the web server's permissions, with no write or execution capabilities.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal vulnerabilities are commonly exploited and require minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.3.0.4 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/powerpack-addon-for-beaver-builder/wordpress-powerpack-lite-for-beaver-builder-plugin-1-3-0-3-local-file-inclusion-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel
2. Navigate to Plugins > Installed Plugins
3. Find 'PowerPack Lite for Beaver Builder'
4. Click 'Update Now' if update is available
5. Alternatively, download latest version from WordPress repository and manually update

🔧 Temporary Workarounds

Disable vulnerable plugin (platform: all)

Temporarily disable the PowerPack Lite plugin until patched

Web server path restrictions (platform: linux)

Configure web server to restrict directory traversal attempts

# For Apache: Add to .htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
# Block traversal sequences in the request path (forward- and back-slash forms)
RewriteCond %{REQUEST_URI} \.\./ [NC,OR]
RewriteCond %{REQUEST_URI} \.\.\\ [NC,OR]
# Also check the query string, which is where a file parameter would carry the sequence
RewriteCond %{QUERY_STRING} \.\./ [NC,OR]
RewriteCond %{QUERY_STRING} \.\.\\ [NC,OR]
# ...and its URL-encoded form; mod_rewrite does not percent-decode QUERY_STRING,
# so "%2e%2e%2f" would otherwise pass. Request bodies are not inspected by these rules.
RewriteCond %{QUERY_STRING} %2e%2e(%2f|%5c) [NC]
RewriteRule .* - [F]
</IfModule>

🧯 If You Can't Patch

  • Remove or disable the PowerPack Lite plugin entirely
  • Implement web application firewall (WAF) rules to block path traversal patterns

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for PowerPack Lite version

Check Version:

# In WordPress admin URL: /wp-admin/plugins.php

Verify Fix Applied:

Verify plugin version is 1.3.0.4 or higher in WordPress admin
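The version check above can be scripted for fleets of sites by reading the plugin's declared version from its main PHP file header and comparing it numerically against the fixed release. The script below is an added example, not code from the advisory or the plugin vendor; the plugin directory and main-file name it reads are assumptions, and the header text it falls back to is a constructed sample. It compares versions as integer tuples rather than strings, because a string comparison would rank a hypothetical 1.3.0.10 below 1.3.0.4.

```python
"""Check whether an installed WordPress plugin's declared version is at or
above the fixed release. Added example, not part of the advisory; the plugin
directory name and main-file name used below are assumptions."""
import re
from pathlib import Path
from typing import Optional, Tuple

FIXED_VERSION = "1.3.0.4"  # first fixed release per the advisory

# Constructed sample of a WordPress plugin file header. The real file is the
# plugin's main PHP file under wp-content/plugins/<plugin-dir>/.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: PowerPack Lite for Beaver Builder
 * Version: 1.3.0.3
 * Requires at least: 5.0
 */
"""


def parse_plugin_version(header_text: str) -> Optional[str]:
    """Extract the 'Version:' value from a WordPress plugin header comment."""
    m = re.search(r"^\s*\*?\s*Version:\s*([0-9][0-9A-Za-z.\-]*)",
                  header_text, re.MULTILINE | re.IGNORECASE)
    return m.group(1) if m else None


def version_tuple(v: str) -> Tuple[int, ...]:
    """Turn '1.3.0.10' into (1, 3, 0, 10). A numeric compare is needed because
    '1.3.0.10' < '1.3.0.4' as strings, but is the newer version."""
    parts = []
    for p in v.split("."):
        num = re.match(r"\d+", p)
        parts.append(int(num.group()) if num else 0)
    return tuple(parts)


def is_fixed(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when installed >= fixed. Shorter tuples are zero-padded so that
    1.3.1 compares as 1.3.1.0, which is above 1.3.0.4."""
    a, b = version_tuple(installed), version_tuple(fixed)
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)) >= b + (0,) * (n - len(b))


def check_plugin_file(path: Path, fixed: str = FIXED_VERSION) -> Tuple[Optional[str], bool]:
    """Read a plugin main file and report (declared version, patched?)."""
    text = path.read_text(encoding="utf-8", errors="replace")
    v = parse_plugin_version(text)
    return v, (v is not None and is_fixed(v, fixed))


if __name__ == "__main__":
    # Hypothetical location; adjust to the real plugin directory on the host.
    plugin_file = Path("/var/www/html/wp-content/plugins/"
                       "powerpack-lite-for-beaver-builder/bb-powerpack-lite.php")
    if plugin_file.exists():
        version, patched = check_plugin_file(plugin_file)
    else:
        # Fall back to the constructed header so the script runs offline.
        version = parse_plugin_version(SAMPLE_HEADER)
        patched = version is not None and is_fixed(version)
    print(f"installed {version}, patched: {patched}")
```

Run it on the web host as a user with read access to `wp-content/plugins`; a result of `patched: False` means the plugin is at or below 1.3.0.3 and the update steps above still apply.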

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests containing '../' or '..\' patterns
  • Requests to unusual file paths in plugin directory

Network Indicators:

  • HTTP requests with path traversal sequences in URL parameters

SIEM Query:

http.url:*../* OR http.uri:*..\\*
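The SIEM query above matches only literal `../` and `..\` sequences. The following added example (not from the advisory or any SIEM vendor) scans constructed Apache-format access-log lines and goes one step further: it percent-decodes each request target up to twice before matching, so single- and double-encoded traversal sequences (`%2e%2e%2f`, `%252e%252e%255c`) are caught as well. The plugin path and file names in the sample lines are constructed and are not known indicators for this CVE.

```python
"""Scan web-server access-log lines for directory traversal sequences,
including URL-encoded variants. Added example for the detection section;
the log lines are constructed samples, not real traffic."""
import re
from typing import Dict, List
from urllib.parse import unquote

# Constructed sample lines in Apache combined log format.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Jun/2024:12:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [10/Jun/2024:12:00:02 +0000] "GET /wp-content/plugins/example-plugin/view.php?file=../../../../etc/passwd HTTP/1.1" 200 812 "-" "curl/8.0"
203.0.113.12 - - [10/Jun/2024:12:00:03 +0000] "GET /wp-content/plugins/example-plugin/view.php?file=%2e%2e%2f%2e%2e%2fwp-config.php HTTP/1.1" 200 2048 "-" "python-requests/2.31"
203.0.113.13 - - [10/Jun/2024:12:00:04 +0000] "GET /wp-content/plugins/example-plugin/view.php?file=..%255c..%255cwp-config.php HTTP/1.1" 404 300 "-" "Mozilla/5.0"
203.0.113.14 - - [10/Jun/2024:12:00:05 +0000] "GET /wp-content/uploads/2024/06/photo.jpg HTTP/1.1" 200 90210 "-" "Mozilla/5.0"
"""

# Request line and status code from a combined-format entry.
REQUEST_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+" (?P<status>\d{3})')
# '..' followed by either slash; applied after normalization.
TRAVERSAL_RE = re.compile(r"\.\.[/\\]")


def normalize_target(target: str, rounds: int = 2) -> str:
    """Percent-decode up to `rounds` times so that single- and double-encoded
    sequences collapse to a literal '../' or '..\\'. Stops early once a
    decoding pass changes nothing."""
    out = target
    for _ in range(rounds):
        decoded = unquote(out)
        if decoded == out:
            break
        out = decoded
    return out


def find_traversal(log_text: str) -> List[Dict[str, object]]:
    """Return one record per log line whose request target contains a
    traversal sequence after normalization. A 200 status on such a line is
    the higher-priority signal: the server served something for the request,
    whereas 403/404 indicates it was blocked or missed."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        raw = m.group("target")
        norm = normalize_target(raw)
        if TRAVERSAL_RE.search(norm):
            hits.append({
                "line": lineno,
                "client": line.split(" ", 1)[0],
                "status": int(m.group("status")),
                "raw": raw,
                "normalized": norm,
            })
    return hits


if __name__ == "__main__":
    for hit in find_traversal(SAMPLE_LOG):
        flag = "SERVED" if hit["status"] == 200 else "blocked/missed"
        print(f"line {hit['line']} {hit['client']} {hit['status']} {flag}: {hit['normalized']}")
```

Point `find_traversal` at a real access log (for example `Path('/var/log/apache2/access.log').read_text()`), and treat hits with status 200 against plugin paths as the ones to investigate first; the same normalization logic can be ported to a SIEM pipeline so that the stored query also matches the encoded forms.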

🔗 References
