CVE-2024-13807
BaseFortify
Publication date: 2025-08-28
Last updated on: 2025-08-29
Assigner: Wordfence
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | wordpress | * |
| xagio | xagio_seo | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the Xagio SEO WordPress plugin (up to version 7.1.0.5) involves Sensitive Information Exposure through its backup functionality. Due to weak filename structures and lack of directory protection, unauthenticated attackers can access backup files containing sensitive data such as the entire database and site files. This exposure happens because the backups are not properly secured, allowing attackers to extract critical information without authentication.
How can this vulnerability impact me?
This vulnerability can lead to unauthorized disclosure of sensitive information stored in the backups, including the entire website database and files. An attacker exploiting this flaw could gain access to confidential data, potentially leading to data breaches, loss of user privacy, and compromise of the website's integrity. Since the vulnerability allows unauthenticated access, it poses a significant security risk.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The exposure of sensitive data through this vulnerability can lead to non-compliance with data protection regulations such as GDPR and HIPAA. These standards require organizations to protect personal and sensitive information from unauthorized access. A breach caused by this vulnerability could result in violations of these regulations, potentially leading to legal penalties, fines, and reputational damage.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking whether your WordPress site is running the Xagio SEO plugin at version 7.1.0.5 or earlier and whether the backup functionality is reachable without authentication. Look for publicly accessible backup files or directories that expose sensitive data. On the server, check for the presence of backup files created by the plugin. Network detection can involve monitoring HTTP requests to backup-related endpoints or attempts to download backup files without authentication. Specific commands to detect this include:
1) Using curl or wget to attempt to access backup URLs without authentication, e.g., `curl -I https://your-site.com/wp-content/plugins/xagio-seo/backups/backup-file.zip`
2) Searching your web server logs for requests to backup-related paths or files.
3) On the server, listing backup files in the plugin's backup directory, e.g., `ls -l wp-content/uploads/xagio-backups/` or similar.
4) Using WordPress CLI to check the plugin version: `wp plugin get xagio-seo --field=version` [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
1) Updating the Xagio SEO plugin to a version later than 7.1.0.5, where the vulnerability is fixed.
2) Restricting access to the backup directories and files by configuring your web server to deny public access to backup files.
3) Removing any existing backup files that may be publicly accessible.
4) Reviewing and tightening permissions on backup-related endpoints and ensuring that only authenticated and authorized users can access backup functionality.
5) If cloud storage is used, verifying that access tokens and credentials are secure and that backups are not publicly accessible via cloud provider URLs. [1]
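As an added example (not code from BaseFortify, Wordfence or the Xagio plugin) that ties together the version check and the log search from the detection answer above: it reads the plugin's `Version:` header, compares it against the 7.1.0.5 cutoff, and flags successful downloads from backup paths in a web server access log. The backup paths and all sample data are assumptions constructed for illustration, not values taken from the plugin.

```python
import re

# Per the advisory, Xagio SEO versions up to and including 7.1.0.5 are affected.
AFFECTED_MAX = (7, 1, 0, 5)

# Backup locations to watch. The advisory names no exact path; these are assumptions
# taken from the detection answer above, so adjust them to your own site.
BACKUP_PATH_RE = re.compile(
    r"/wp-content/(?:plugins/xagio-seo/backups|uploads/xagio-backups)/[^ ?]+"
    r"\.(?:zip|sql|tar\.gz)", re.IGNORECASE)

# Apache/nginx combined log format: ip ident user [time] "method path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3})')

# Standard WordPress plugin header field, e.g. " * Version: 7.1.0.5"
VERSION_HEADER_RE = re.compile(r"^[\s*#/]*Version:\s*(\S+)", re.MULTILINE)

def parse_version(text):
    """Turn '7.1.0.5' into (7, 1, 0, 5) so versions compare numerically."""
    return tuple(int(part) for part in re.findall(r"\d+", text))

def is_affected(version):
    """True if this plugin version falls inside the advisory's affected range."""
    return parse_version(version) <= AFFECTED_MAX

def plugin_version_from_header(php_source):
    """Read the Version: field from a plugin's main PHP file header (None if absent)."""
    match = VERSION_HEADER_RE.search(php_source)
    return match.group(1) if match else None

def find_backup_downloads(log_lines):
    """Return (ip, path, status) for requests that were served a backup archive."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if m and m.group("status") == "200" and BACKUP_PATH_RE.search(m.group("path")):
            hits.append((m.group("ip"), m.group("path"), int(m.group("status"))))
    return hits

# Constructed sample input (not real data): a plugin header and three access-log lines.
PLUGIN_HEADER = "<?php\n/**\n * Plugin Name: Xagio SEO\n * Version: 7.1.0.5\n */\n"
SAMPLE_LOG = [
    '203.0.113.7 - - [28/Aug/2025:10:15:01 +0000] "GET /wp-content/plugins/xagio-seo/backups/site-2025-08-27.zip HTTP/1.1" 200 5242880 "-" "curl/8.4.0"',
    '203.0.113.7 - - [28/Aug/2025:10:15:02 +0000] "GET /wp-login.php HTTP/1.1" 200 4211 "-" "curl/8.4.0"',
    '198.51.100.4 - - [28/Aug/2025:10:16:10 +0000] "GET /wp-content/uploads/xagio-backups/db.sql HTTP/1.1" 404 153 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(is_affected(plugin_version_from_header(PLUGIN_HEADER)), find_backup_downloads(SAMPLE_LOG))
```

Point `plugin_version_from_header` at the plugin's main PHP file and `find_backup_downloads` at your real access log; only 200 responses to backup paths are reported, since a 404 means nothing was served.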