CVE-2020-24143: Path Traversal
First published: Wed Jul 07 2021(Updated: )
Directory traversal in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk-download-video parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ninjateam Video Downloader For Tiktok | =1.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-24143?
CVE-2020-24143 is a vulnerability that allows an attacker to access files outside the web root folder in the Video Downloader for TikTok plugin for WordPress.
How does CVE-2020-24143 work?
CVE-2020-24143 works by exploiting a directory traversal vulnerability in the njt-tk-download-video parameter of the plugin.
What is the severity of CVE-2020-24143?
CVE-2020-24143 has a severity rating of high, with a CVSS score of 7.5.
How can I protect my WordPress site from CVE-2020-24143?
To protect your WordPress site from CVE-2020-24143, ensure that you have updated to the latest version of the Video Downloader for TikTok plugin (version 1.3) or apply any patches or security updates provided by the plugin developer.
Is there a reference for more information about CVE-2020-24143?
Yes, you can find more information about CVE-2020-24143 at the following reference: [https://github.com/secwx/research/blob/main/cve/CVE-2020-24143.md](https://github.com/secwx/research/blob/main/cve/CVE-2020-24143.md)
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/ninjateam
- canonical/ninjateam video downloader for tiktok
- version/ninjateam video downloader for tiktok/1.3