CVE-2024-5882

7.5 HIGH

📋 TL;DR

This vulnerability in the Ultimate Classified Listings WordPress plugin allows unauthenticated attackers to access arbitrary PHP files on the server through improper validation of URL parameters. It affects WordPress sites running plugin versions before 1.3, potentially exposing sensitive server files and configuration data.

💻 Affected Systems

Products:
  • Ultimate Classified Listings WordPress Plugin
Versions: All versions before 1.3
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects WordPress installations with the vulnerable plugin active.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could read sensitive PHP files including configuration files with database credentials, source code, or other server files, leading to complete system compromise.

🟠 Likely Case

Unauthenticated attackers accessing sensitive server files, potentially exposing database credentials, configuration details, or other sensitive information.

🟢 If Mitigated

Limited exposure of non-critical files or failed exploitation attempts if proper file permissions and web server configurations are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires simple HTTP requests with crafted parameters to the listings page endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.3

Vendor Advisory: https://wpscan.com/vulnerability/5e8d7808-8f3e-4fc9-a1e7-e108da031ca7/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the Ultimate Classified Listings plugin.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 1.3+ from the WordPress plugin repository and replace the existing plugin files.

🔧 Temporary Workarounds

Disable vulnerable plugin (platform: all)

Temporarily deactivate the Ultimate Classified Listings plugin until it is patched:

wp plugin deactivate ultimate-classified-listings

Web Application Firewall rule (platform: linux)

Block requests whose ucl_page or layout query parameter contains a path traversal sequence or a .php filename. The rule inspects only those two parameters, after URL-decoding, so ordinary listing pages are not affected; tune the pattern if the site legitimately passes .php values in either parameter.

ModSecurity rule: SecRule ARGS_GET:ucl_page|ARGS_GET:layout "@rx (?:\.\./|\.php)" "id:1001,phase:1,t:none,t:urlDecodeUni,t:lowercase,deny,status:403,msg:'CVE-2024-5882 traversal attempt in ucl_page/layout'"

🧯 If You Can't Patch

  • Implement strict file permissions on PHP files and sensitive directories
  • Deploy web application firewall to block directory traversal attempts

🔍 How to Verify

Check if Vulnerable:

Check the plugin version in the WordPress admin panel → Plugins → Ultimate Classified Listings. If the version is below 1.3, the site is vulnerable.

Check Version:

wp plugin get ultimate-classified-listings --field=version

Verify Fix Applied:

After updating, verify plugin version shows 1.3 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /wp-content/plugins/ultimate-classified-listings/ with ucl_page or layout parameters containing path traversal sequences (../)

Network Indicators:

  • Unusual file access patterns to PHP files via web requests, especially from unauthenticated users

SIEM Query:

web_access_logs | where url contains "ultimate-classified-listings" and (url contains "ucl_page" or url contains "layout") and (url contains ".." or url contains ".php")
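As an added example (not part of this advisory and not the plugin's own code), the following Python script applies the log indicators above to web-server access logs: it parses Apache combined-format lines, fully URL-decodes the ucl_page and layout parameters (so single- and double-encoded traversal is caught), and flags values containing "../" or a ".php" filename. The log lines are constructed samples, the Apache combined format is an assumption about the server, and the parameter names come from this advisory.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines in Apache combined format (not real traffic).
# Two lines carry traversal-style values in the watched parameters, two are benign.
SAMPLE_LOG = """\
203.0.113.10 - - [12/Jun/2024:10:01:02 +0000] "GET /listings/?ucl_page=home&layout=grid HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [12/Jun/2024:10:01:05 +0000] "GET /listings/?ucl_page=../../../some/file.php HTTP/1.1" 200 812 "-" "curl/8.0"
203.0.113.12 - - [12/Jun/2024:10:01:09 +0000] "GET /listings/?layout=%2e%2e%2f%2e%2e%2fother.php HTTP/1.1" 500 0 "-" "python-requests/2.31"
203.0.113.13 - - [12/Jun/2024:10:01:12 +0000] "GET /wp-content/plugins/ultimate-classified-listings/assets/style.css HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Apache combined log format (assumed); we only need client IP, request target and status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Query parameters named in the advisory as the injection points.
WATCHED_PARAMS = ("ucl_page", "layout")

# Traversal sequences (forward or back slash) or a PHP filename inside the value.
SUSPICIOUS = re.compile(r"\.\./|\.\.\\|\.php\b", re.IGNORECASE)


def decode_fully(value: str, rounds: int = 3) -> str:
    """Repeatedly percent-decode until stable, to defeat double encoding."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def check_request(target: str) -> list[tuple[str, str]]:
    """Return (param, decoded_value) pairs in the request target that look like
    a traversal or PHP-file reference in one of the watched parameters."""
    query = urlsplit(target).query
    params = parse_qs(query, keep_blank_values=True)  # performs one decode round
    hits = []
    for name in WATCHED_PARAMS:
        for raw in params.get(name, []):
            value = decode_fully(raw)
            if SUSPICIOUS.search(value):
                hits.append((name, value))
    return hits


def scan_log(text: str) -> list[dict]:
    """Scan access-log text and return one alert per request with suspicious
    watched-parameter values, including the client IP and response status."""
    alerts = []
    for line in text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue  # unparseable line; skip rather than crash
        hits = check_request(match.group("target"))
        if hits:
            alerts.append({
                "ip": match.group("ip"),
                "status": int(match.group("status")),
                "target": match.group("target"),
                "hits": hits,
            })
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(f"{alert['ip']} status={alert['status']} hits={alert['hits']}")
```

A 200 response on a flagged request is the most urgent case, since it suggests the server returned content rather than rejecting the path; the status field is kept in each alert so it can be used for triage. Because only the two named parameters are inspected, the check stays quiet on normal plugin asset requests.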
