CVE-2024-6560

5.3 MEDIUM

📋 TL;DR

The Addonify Quick View for WooCommerce WordPress plugin discloses full server path information to unauthenticated attackers due to improper access restrictions on mobiledetect library files. This vulnerability affects all versions up to 1.2.16. While the path disclosure alone doesn't enable direct compromise, it can assist attackers in planning further attacks against vulnerable websites.

💻 Affected Systems

Products:
  • Addonify - Quick View For WooCommerce WordPress Plugin
Versions: All versions up to and including 1.2.16
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress with WooCommerce installed, but vulnerability exists in default plugin configuration.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers combine path disclosure with other vulnerabilities (like local file inclusion or directory traversal) to execute arbitrary code, access sensitive files, or compromise the server.

🟠 Likely Case

Attackers gather reconnaissance information about server structure to plan targeted attacks, increasing success probability for subsequent exploitation attempts.

🟢 If Mitigated

Path information is exposed but cannot be leveraged because other security controls are in place; there is minimal additional risk beyond the information disclosure itself.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: NO
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP requests to exposed mobiledetect files trigger path disclosure without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.2.17 or later

Vendor Advisory: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3121821%40addonify-quick-view&new=3121821%40addonify-quick-view

Restart Required: No

Instructions:

  1. Log into the WordPress admin panel.
  2. Navigate to Plugins > Installed Plugins.
  3. Find 'Addonify - Quick View For WooCommerce'.
  4. Click 'Update Now' if available.
  5. Alternatively, download version 1.2.17+ from the WordPress repository and update manually.

🔧 Temporary Workarounds

Block Direct Access to mobiledetect Files

Add .htaccess rules to prevent direct access to the vulnerable mobiledetect files.

# Add to .htaccess in the plugin directory (Apache 2.4 syntax; on Apache 2.2,
# or 2.4 with mod_access_compat loaded, "Order Allow,Deny" plus "Deny from all"
# can be used in place of "Require all denied")
<Files "exportToJSON.php">
    Require all denied
</Files>
# Alternative: block the entire mobiledetect directory. A <Directory> block is
# not permitted inside .htaccess (Apache answers with a 500 error), so match the
# request path with mod_alias instead; the pattern is unanchored so it matches
# whether Apache evaluates the full or the directory-relative URL path
RedirectMatch 403 "vendor/mobiledetect/"

🧯 If You Can't Patch

  • Disable or remove the Addonify Quick View plugin until patched
  • Implement web application firewall rules to block requests to /vendor/mobiledetect/ paths

🔍 How to Verify

Check if Vulnerable:

Request https://[your-site]/wp-content/plugins/addonify-quick-view/vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php; if the response contains server path information, the site is vulnerable.

Check Version:

Check the WordPress admin Plugins page, or examine the header of /wp-content/plugins/addonify-quick-view/addonify-quick-view.php for the plugin version.

Verify Fix Applied:

After updating, request the same URL again; it should return a 403/404 error or a blank page instead of path information.

📡 Detection & Monitoring

Log Indicators:

  • HTTP 200 responses to paths containing '/vendor/mobiledetect/mobiledetectlib/export/'
  • Unusual requests to plugin vendor directories from external IPs

Network Indicators:

  • GET requests to exportToJSON.php file
  • Traffic patterns showing reconnaissance activity

SIEM Query:

http.url:"*/vendor/mobiledetect/mobiledetectlib/export/*" AND http.status_code:200
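The log indicators and SIEM query above, applied to access-log lines, as an added example that is not part of the advisory. It assumes the Apache/nginx "combined" log format; the sample lines are constructed and use documentation IP addresses.

```python
import re

# Apache/nginx "combined" access-log format; the sample lines below are constructed.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Indicators named in the advisory: the mobiledetect export directory and the
# exportToJSON.php script itself. Query strings are stripped before matching.
EXPORT_DIR = "/vendor/mobiledetect/mobiledetectlib/export/"
EXPORT_FILE = "/exportToJSON.php"


def classify(line):
    """Return (ip, path, status, severity) for a line that matches an indicator,
    or None. severity is "disclosed" when the export path was served with 200
    (the SIEM query above), "probe" for any other request to these paths."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m.group("path").split("?", 1)[0]
    status = int(m.group("status"))
    in_dir = EXPORT_DIR in path
    if not (in_dir or path.endswith(EXPORT_FILE)):
        return None
    severity = "disclosed" if (in_dir and status == 200) else "probe"
    return (m.group("ip"), path, status, severity)


def scan(lines):
    """Run classify over an iterable of log lines and keep the hits."""
    return [f for f in map(classify, lines) if f is not None]


# Constructed sample log lines (RFC 5737 documentation addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jul/2024:10:01:02 +0000] "GET /wp-content/plugins/addonify-quick-view/vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php HTTP/1.1" 200 1864 "-" "curl/8.0"',
    '203.0.113.5 - - [10/Jul/2024:10:01:03 +0000] "GET /wp-content/plugins/addonify-quick-view/vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php HTTP/1.1" 403 199 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Jul/2024:10:02:00 +0000] "GET /?p=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Jul/2024:10:03:00 +0000] "GET /wp-content/plugins/addonify-quick-view/vendor/mobiledetect/mobiledetectlib/export/?x=1 HTTP/1.1" 200 412 "-" "python-requests/2.31"',
]

if __name__ == "__main__":
    for ip, path, status, severity in scan(SAMPLE_LOG):
        print(f"{severity:9} {ip:14} {status} {path}")
```

A "probe" hit after the fix is applied (403/404 on the export path) confirms the block is working; a "disclosed" hit means the file was served and the host should be checked against the version list above.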
