CVE-2024-43281
📋 TL;DR
This vulnerability allows attackers to read arbitrary files on WordPress servers by exploiting a path traversal flaw in the Void Elementor Post Grid Addon plugin. It affects all WordPress sites using this plugin up to version 2.3. Attackers can potentially access sensitive configuration files and other local files.
💻 Affected Systems
- Void Elementor Post Grid Addon for Elementor Page Builder
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full server compromise through reading sensitive files like wp-config.php (containing database credentials), followed by database access and potential remote code execution.
Likely Case
Information disclosure of sensitive files including configuration files, source code, and potentially user data, leading to further attacks.
If Mitigated
Limited file access restricted to non-sensitive directories if proper file permissions and web server configurations are in place.
🎯 Exploit Status
Path traversal vulnerabilities are typically easy to exploit with simple HTTP requests. Public proof-of-concept exists on security research sites.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.4 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Void Elementor Post Grid Addon'. 4. Click 'Update Now' if update is available. 5. Alternatively, download version 2.4+ from WordPress repository and manually update.
🔧 Temporary Workarounds
Disable vulnerable plugin
allTemporarily disable the plugin until patched version is available
wp plugin deactivate void-elementor-post-grid-addon-for-elementor-page-builder
Restrict file access via web server
allConfigure web server to block directory traversal attempts
# Apache: Add to .htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} \.\./ [NC]
RewriteRule .* - [F]
</IfModule>
# Nginx: Add to server block
location ~* \.\./ {
deny all;
}
🧯 If You Can't Patch
- Remove the plugin entirely if not essential for site functionality
- Implement web application firewall (WAF) rules to block path traversal patterns
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Void Elementor Post Grid Addon. If version is 2.3 or lower, you are vulnerable.Check Version:
wp plugin get void-elementor-post-grid-addon-for-elementor-page-builder --field=versionVerify Fix Applied:
Verify plugin version is 2.4 or higher in WordPress admin panel. Test functionality remains working.📡 Detection & Monitoring
Log Indicators:
- HTTP requests containing '../' or '..\' patterns to plugin endpoints
- Unusual file access attempts to sensitive paths like wp-config.php
Network Indicators:
- HTTP requests with encoded directory traversal sequences (%2e%2e%2f, ..%2f)
SIEM Query:
source="web_access_logs" AND (uri="*../*" OR uri="*..%2f*" OR uri="*..\\*" OR uri="*..%5c*") AND uri="*void-elementor*"