CVE-2024-54376
📋 TL;DR
This vulnerability allows attackers to include arbitrary local files via PHP's include/require statements in the EazyDocs WordPress plugin. Attackers can read sensitive files or potentially execute code by manipulating file paths. All WordPress sites running vulnerable EazyDocs versions are affected.
💻 Affected Systems
- Spider-themes EazyDocs WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete server compromise, data theft, and website defacement.
Likely Case
Sensitive file disclosure (configuration files, database credentials) and limited file system access.
If Mitigated
Minimal impact if file inclusion is restricted to safe directories and proper file permissions are enforced.
🎯 Exploit Status
Exploitation requires knowledge of vulnerable endpoints but is straightforward once identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.5.6 or later
Vendor Advisory: https://patchstack.com/database/wordpress/plugin/eazydocs/vulnerability/wordpress-eazydocs-plugin-2-5-4-local-file-inclusion-vulnerability?_s_id=cve
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find EazyDocs and click 'Update Now'.
4. Verify the version is 2.5.6 or higher.
🔧 Temporary Workarounds
Disable EazyDocs Plugin
Temporarily disable the vulnerable plugin until patched.
wp plugin deactivate eazydocs
Restrict PHP Include Paths
Configure PHP to restrict file access to safe directories. The line below is an Apache mod_php directive (httpd.conf or a VirtualHost block); in php.ini the equivalent setting is open_basedir. Note that open_basedir limits all PHP file operations, not only include/require, so the list must cover the WordPress document root and any upload or cache directories the site writes to.
php_admin_value open_basedir "/var/www/html:/tmp"
🧯 If You Can't Patch
- Implement web application firewall (WAF) rules to block file inclusion patterns
- Restrict file system permissions and keep risky PHP settings such as allow_url_include (and allow_url_fopen where possible) disabled in php.ini
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > EazyDocs version. If version is 2.5.5 or lower, you are vulnerable.
Check Version:
wp plugin get eazydocs --field=version
Verify Fix Applied:
Confirm EazyDocs version is 2.5.6 or higher in WordPress plugins list.
📡 Detection & Monitoring
Log Indicators:
- Unusual PHP include/require errors
- Requests with suspicious file path parameters like '../../' patterns
Network Indicators:
- HTTP requests containing file path traversal sequences in parameters
SIEM Query:
source="web_logs" AND (uri="*../*" OR params="*include*" OR params="*require*")
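The SIEM query above matches only a literal "../" and flags any parameter containing the word "include", so it misses percent-encoded traversal and fires on ordinary searches. The following is an added example (not part of this advisory or the EazyDocs project) that scans constructed Apache-style access log lines for the log and network indicators listed above after decoding the query string; the parameter names, hosts and paths in the sample are made up and do not describe the plugin's actual endpoints.

```python
# Added detection example: flag requests whose path or query values carry
# local-file-inclusion markers after percent-decoding, so encoded traversal
# (%2e%2e%2f) is caught and a plain "include" search term is not.
import re
from urllib.parse import unquote, urlsplit, parse_qsl

# Constructed sample log lines (Apache combined format); IPs and parameters are made up.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2025:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=demo&file=../../../../etc/passwd HTTP/1.1" 200 512
203.0.113.5 - - [10/Jan/2025:10:00:02 +0000] "GET /?p=12&tpl=%2e%2e%2f%2e%2e%2fwp-config.php HTTP/1.1" 200 812
198.51.100.9 - - [10/Jan/2025:10:00:03 +0000] "GET /docs/getting-started/ HTTP/1.1" 200 4096
198.51.100.9 - - [10/Jan/2025:10:00:04 +0000] "GET /?s=include+files HTTP/1.1" 200 2048
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})')
# Traversal sequences, absolute system paths and PHP stream wrappers commonly seen in LFI attempts.
LFI_RE = re.compile(r'(\.\./|\.\.\\|^/etc/|wp-config\.php|php://)', re.IGNORECASE)

def decode_extra(value: str) -> str:
    """Undo up to two further layers of percent-encoding (parse_qsl already removed one)."""
    return unquote(unquote(value))

def find_lfi_indicators(log_text: str) -> list[dict]:
    """Return one finding per request whose decoded path or any query value matches LFI_RE."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parsable access-log line; skip rather than crash
        parts = urlsplit(m.group("uri"))
        # Check the path and each query value separately so a hit names the parameter.
        candidates = [("path", decode_extra(parts.path))]
        candidates += [(k, decode_extra(v)) for k, v in parse_qsl(parts.query, keep_blank_values=True)]
        for where, value in candidates:
            if LFI_RE.search(value):
                findings.append({"ip": m.group("ip"), "param": where, "value": value, "status": m.group("status")})
                break  # one finding per request is enough for alerting
    return findings

if __name__ == "__main__":
    for finding in find_lfi_indicators(SAMPLE_LOG):
        print(finding)
```

Running the block reports the two traversal requests (parameters `file` and `tpl`) and stays silent on the normal page view and the "include files" search.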