CVE-2024-43129

6.5 MEDIUM

📋 TL;DR

This path traversal vulnerability in the WordPress BetterDocs plugin allows attackers to include local PHP files because the plugin does not properly validate a user-supplied path. It affects all WordPress sites running BetterDocs versions up to and including 3.5.8, potentially enabling unauthorized file access and code execution.

💻 Affected Systems

Products:
  • WordPress BetterDocs plugin
Versions: n/a through 3.5.8 (no lower bound; every release up to and including 3.5.8)
Operating Systems: All platforms running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with BetterDocs plugin enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, and website defacement.

🟠 Likely Case: Sensitive file disclosure including configuration files, database credentials, and user data.

🟢 If Mitigated: Limited impact with proper file permissions and web server restrictions in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit details available on security research sites.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.5.9 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/betterdocs/wordpress-betterdocs-plugin-3-5-8-local-file-inclusion-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel
2. Navigate to Plugins > Installed Plugins
3. Find BetterDocs and click 'Update Now'
4. Verify version is 3.5.9 or higher

🔧 Temporary Workarounds

Disable BetterDocs plugin (applies to: all platforms)

Temporarily deactivate the vulnerable plugin until it can be updated:

wp plugin deactivate betterdocs

Web server path restriction (applies to: Linux)

Configure the web server to reject requests that carry traversal sequences:

# Add to .htaccess for Apache (a standard WordPress .htaccess already has RewriteEngine On):
RewriteEngine On
# %{REQUEST_URI} holds only the path; the query string, where a file-inclusion
# parameter usually arrives, must be matched separately.
RewriteCond %{REQUEST_URI} \.\./ [NC,OR]
RewriteCond %{QUERY_STRING} \.\./ [NC]
RewriteRule .* - [F]

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block path traversal patterns
  • Restrict file permissions and disable PHP execution in sensitive directories

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > BetterDocs version

Check Version:

wp plugin list --name=betterdocs --field=version

Verify Fix Applied:

Confirm BetterDocs version is 3.5.9 or higher in WordPress admin
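As an added example (not the advisory's or the vendor's own code), the following Python check reads the `Version:` header that WordPress keeps in a plugin's main file and compares it numerically against 3.5.9, so that 3.5.10 is correctly treated as fixed where a plain string comparison would not; a second function wraps the wp-cli command given above. The plugin file path `wp-content/plugins/betterdocs/betterdocs.php` is an assumed standard layout and the header text is constructed.

```python
import re
import subprocess
from pathlib import Path

# First release that contains the fix, per the advisory.
FIXED_VERSION = (3, 5, 9)

# Assumed location of the plugin's main file under a standard WordPress layout;
# the advisory gives only the plugin slug "betterdocs".
PLUGIN_MAIN_FILE = Path("wp-content/plugins/betterdocs/betterdocs.php")

# WordPress reads plugin metadata from a header comment in the main file.
HEADER_RE = re.compile(r"^\s*\*?\s*Version:\s*(\S+)", re.MULTILINE)

# Constructed stand-in for such a header (the real file is far longer).
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: BetterDocs
 * Version: 3.5.8
 */
"""


def parse_version(text: str) -> tuple:
    """'3.5.10' -> (3, 5, 10). Numeric tuples compare correctly where a plain
    string comparison would rank '3.5.10' below '3.5.9'."""
    parts = []
    for piece in text.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def header_version(source: str) -> str:
    """Extract the version string from a plugin main file's header comment."""
    m = HEADER_RE.search(source)
    if not m:
        raise ValueError("no 'Version:' header found in plugin source")
    return m.group(1)


def is_patched(version: str) -> bool:
    """True when the installed version is 3.5.9 or later."""
    v = parse_version(version)
    v = v + (0,) * (len(FIXED_VERSION) - len(v))  # pad '3.6' to (3, 6, 0)
    return v >= FIXED_VERSION


def check_webroot(wp_root: str) -> tuple:
    """Offline check: read the header from the plugin file under a WordPress root.
    Returns (state, version) with state in {'not installed', 'patched', 'VULNERABLE'}."""
    path = Path(wp_root) / PLUGIN_MAIN_FILE
    if not path.is_file():
        return ("not installed", None)
    version = header_version(path.read_text(errors="replace"))
    return ("patched" if is_patched(version) else "VULNERABLE", version)


def check_with_wp_cli(wp_root: str) -> tuple:
    """Same check via the wp-cli command from the advisory (requires wp-cli on PATH)."""
    out = subprocess.run(
        ["wp", "plugin", "list", "--name=betterdocs", "--field=version", f"--path={wp_root}"],
        capture_output=True, text=True, check=True,
    ).stdout.strip()
    if not out:
        return ("not installed", None)
    return ("patched" if is_patched(out) else "VULNERABLE", out)


if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    print(check_webroot(root))
```

Run it with the WordPress root as the first argument; the offline variant is convenient for sweeping many webroots from a backup or a file share without a working PHP runtime.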

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests containing '../' patterns to BetterDocs endpoints
  • Unusual file access attempts in web server logs

Network Indicators:

  • HTTP requests with path traversal sequences (../, ..\) to plugin files

SIEM Query:

web.url:*betterdocs* AND web.url:*../*
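As an added example (not part of the original advisory), here is the log-indicator logic above applied in Python to constructed Apache access-log lines: it percent-decodes each request target (two rounds, so double-encoded sequences are also caught), flags any target whose path or query string contains `../` or `..\`, records whether the URL points into the BetterDocs plugin directory, and ranks requests that the server answered with HTTP 200 first. It goes beyond the page's literal `../` pattern by covering percent-encoded variants. The sample lines, the `example-endpoint.php` script name and the `file` parameter are constructed placeholders, since the advisory does not name the affected endpoint or parameter, and a standard `wp-content/plugins/betterdocs/` layout is assumed.

```python
import re
from urllib.parse import unquote

# Constructed Apache combined-format access log lines (not real traffic).
# "example-endpoint.php" and the "file" parameter are placeholders: the advisory
# does not name the affected script or parameter.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Aug/2024:10:01:02 +0000] "GET /wp-content/plugins/betterdocs/assets/css/betterdocs.css HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [10/Aug/2024:10:01:05 +0000] "GET /wp-content/plugins/betterdocs/example-endpoint.php?file=../../../wp-config.php HTTP/1.1" 200 1337 "-" "curl/8.0"
203.0.113.12 - - [10/Aug/2024:10:01:09 +0000] "GET /wp-content/plugins/betterdocs/example-endpoint.php?file=..%2f..%2f..%2fwp-config.php HTTP/1.1" 200 1337 "-" "python-requests/2.31"
203.0.113.13 - - [10/Aug/2024:10:01:12 +0000] "GET /wp-content/plugins/betterdocs/example-endpoint.php?file=%2e%2e%5c%2e%2e%5cwp-config.php HTTP/1.1" 403 199 "-" "python-requests/2.31"
203.0.113.14 - - [10/Aug/2024:10:01:15 +0000] "GET /wp-content/plugins/other-plugin/view.php?f=../../etc/passwd HTTP/1.1" 404 0 "-" "curl/8.0"
203.0.113.15 - - [10/Aug/2024:10:01:20 +0000] "GET /?s=betterdocs HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

# Apache "combined" format: client, identd, user, [timestamp], "request", status, bytes, "referer", "user-agent".
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Literal traversal sequence after decoding: "../" or "..\" (the advisory lists both).
TRAVERSAL_RE = re.compile(r"\.\.[/\\]")

# Assumed standard WordPress plugin directory for the slug used by wp-cli on the page.
PLUGIN_DIR = "/wp-content/plugins/betterdocs/"


def normalize(target: str) -> str:
    """Percent-decode up to two rounds so single-encoded (..%2f) and
    double-encoded (%252e%252e%252f) sequences collapse to their literal form."""
    decoded = target
    for _ in range(2):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded


def scan_log(text: str) -> list:
    """Return one finding per request whose decoded path or query contains a traversal sequence."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        norm = normalize(m.group("target"))
        if not TRAVERSAL_RE.search(norm):
            continue
        findings.append({
            "ip": m.group("ip"),
            "time": m.group("ts"),
            "status": int(m.group("status")),
            "target": m.group("target"),
            "plugin_path": PLUGIN_DIR in norm.lower(),
            "user_agent": m.group("ua"),
        })
    return findings


def triage(findings: list) -> list:
    """Traversal requests aimed at the BetterDocs plugin directory that the server
    answered with 200: investigate these first, since a 200 means neither the web
    server nor a WAF rejected the request."""
    return [f for f in findings if f["plugin_path"] and f["status"] == 200]


if __name__ == "__main__":
    hits = scan_log(SAMPLE_LOG)
    priority = triage(hits)
    for f in hits:
        flag = "PRIORITY" if f in priority else "review"
        print(f'{flag:8} {f["ip"]} {f["status"]} {f["target"]}')
```

The 403 in the fourth sample line is what the .htaccess workaround or a WAF rule produces; the two 200 responses are the ones that warrant checking whether the plugin was actually at a vulnerable version at that time. The SIEM query above matches `betterdocs` anywhere in the URL, which also catches unrelated hits such as the site search in the last sample line; matching on the plugin directory instead keeps the alert focused.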
