CVE-2024-11150: WordPress User Extra Fields <= 16.6 - Unauthenticated Arbitrary File Deletion
First published: Wed Nov 13 2024(Updated: )
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions up to, and including, 16.6. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Credit: security@wordfence.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vanquish User Extra Fields Wordpress | <16.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-11150?
CVE-2024-11150 has a medium severity level due to the potential for arbitrary file deletion by unauthenticated attackers.
How do I fix CVE-2024-11150?
To fix CVE-2024-11150, update the WordPress User Extra Fields plugin to version 16.7 or later.
Who is affected by CVE-2024-11150?
CVE-2024-11150 affects all versions of the WordPress User Extra Fields plugin up to and including 16.6.
What type of vulnerability is CVE-2024-11150?
CVE-2024-11150 is categorized as an arbitrary file deletion vulnerability.
Can authenticated users exploit CVE-2024-11150?
No, CVE-2024-11150 is specifically exploitable by unauthenticated attackers.
- agent/weakness
- agent/references
- agent/title
- agent/first-publish-date
- agent/description
- agent/type
- agent/severity
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- agent/source
- vendor/vanquish
- canonical/vanquish user extra fields wordpress