CVE-2024-13342
BaseFortify
Publication date: 2025-08-29
Last updated on: 2025-12-08
Assigner: Wordfence
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| booster | booster_for_woocommerce | up to 7.2.5 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Booster for WooCommerce plugin for WordPress, specifically in the 'add_files_to_order' function in versions up to and including 7.2.4. Because the function does not validate the type of uploaded files, unauthenticated attackers can upload arbitrary files with double extensions. If the web server is configured to execute files based on the first extension in a double-extension filename, such an uploaded file may be executed on the server, which could lead to remote code execution on affected sites. [1, 2]
How can this vulnerability impact me?
The vulnerability can allow attackers to upload arbitrary files to your server without authentication. If the server is configured to execute files based on the first extension in a double extension filename, this could lead to remote code execution, allowing attackers to run malicious code on your server. This can compromise the security and integrity of your website, potentially leading to data theft, site defacement, or further exploitation. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking whether the WooCommerce Jetpack plugin version 7.2.4 or earlier is installed and whether the 'Checkout Files Upload' module is enabled. Since the vulnerability allows arbitrary file uploads with double extensions, monitoring the WooCommerce upload directories or logs for suspicious double-extension files can help detect exploitation attempts. Specific commands are not provided in the resources, but general approaches include scanning the web server upload directories for files with double extensions and reviewing web server access logs for POST requests to the file upload endpoints used by the WooCommerce checkout. The installed plugin version can be verified in the WordPress admin interface or by inspecting the plugin files directly. [1, 2]
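As an added example (not code from BaseFortify, Wordfence or the plugin), the following script implements the upload-directory scan described above: it walks a directory tree and flags any filename in which a server-executable extension appears anywhere after the base name, which covers the double-extension case (e.g. `invoice.php.jpg`). The set of executable extensions and the sample filenames are assumptions constructed for the demonstration; an operator would point `scan_upload_dir` at the site's real upload directory.

```python
import os
import tempfile

# Assumed set of server-side executable extensions. A web server whose handler
# mapping is not anchored to the final extension may execute a file such as
# "invoice.php.jpg" as PHP, which is the scenario described for this CVE.
EXECUTABLE_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar"}


def has_executable_extension(filename: str) -> bool:
    """Return True if any extension after the base name is server-executable.

    'invoice.php.jpg' -> True   (double extension, inner part executable)
    'shell.php'       -> True   (plain executable upload)
    'archive.tar.gz'  -> False  (harmless multi-extension name)
    'photo.jpg'       -> False
    """
    parts = os.path.basename(filename).lower().split(".")
    if len(parts) < 2:  # no extension at all
        return False
    return any(ext in EXECUTABLE_EXTS for ext in parts[1:])


def scan_upload_dir(root: str) -> list[str]:
    """Walk the upload tree and return sorted paths of flagged files."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if has_executable_extension(name):
                hits.append(os.path.join(dirpath, name))
    return sorted(hits)


def demo() -> list[str]:
    """Build a constructed sample upload tree and return the flagged names."""
    sample = ["photo.jpg", "report.pdf", "invoice.php.jpg",
              "archive.tar.gz", "shell.PhTmL.png"]  # constructed filenames
    with tempfile.TemporaryDirectory() as root:
        for name in sample:
            open(os.path.join(root, name), "w").close()
        return [os.path.relpath(p, root) for p in scan_upload_dir(root)]


if __name__ == "__main__":
    for path in demo():
        print("flagged:", path)
```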
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the WooCommerce Jetpack plugin to version 7.2.5 or later, where the vulnerability is addressed by enhanced file upload validation, including improved extension and MIME type checks, and strengthened security measures such as nonce verification and output sanitization. If updating immediately is not possible, disabling the 'Checkout Files Upload' module or restricting file upload capabilities temporarily can reduce risk. Additionally, reviewing and tightening file upload settings to allow only safe file types and monitoring for suspicious uploads are recommended. [2]