CVE-2024-2654 - Vulnerability Details - OpenCVE

The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip files on the server, which can contain sensitive information.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.01334.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Filemanagerpro	File Manager

Configuration 1 [-]

cpe:2.3:a:filemanagerpro:file_manager:*:*:*:*:free:wordpress:*:*

No data.

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353
https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk
https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve

History

Wed, 27 Aug 2025 21:30:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-35

Mon, 24 Mar 2025 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Filemanagerpro Filemanagerpro file Manager
CPEs		cpe:2.3:a:filemanagerpro:file_manager:::::free:wordpress::
Vendors & Products		Filemanagerpro Filemanagerpro file Manager

Tue, 04 Mar 2025 03:45:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 26 Feb 2025 18:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-35

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-04-09T18:59:21.868Z

Updated: 2025-08-27T21:02:57.367Z

Reserved: 2024-03-19T15:26:37.155Z

Link: CVE-2024-2654

Vulnrichment

Updated: 2024-08-01T19:18:48.250Z

NVD

Status : Modified

Published: 2024-04-09T19:15:35.947

Modified: 2025-08-27T21:15:44.383

Link: CVE-2024-2654

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2654", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-03-19T15:26:37.155Z", "datePublished": "2024-04-09T18:59:21.868Z", "dateUpdated": "2025-08-27T21:02:57.367Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-09T18:59:21.868Z"}, "affected": [{"vendor": "mndpsingh287", "product": "File Manager", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "7.2.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip files on the server, which can contain sensitive information."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353"}, {"url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-35 Path Traversal: '.../...//'"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "baseScore": 6.8, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Abdelnour Osman"}], "timeline": [{"time": "2024-04-03T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-2654", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-11T17:02:21.174260Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-27T21:02:57.367Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:18:48.250Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:18:48.250Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-2654", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-11T17:02:21.174260Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:23.300Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Abdelnour Osman"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"}}], "affected": [{"vendor": "mndpsingh287", "product": "File Manager", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "7.2.5"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-04-03T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353"}, {"url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk"}], "descriptions": [{"lang": "en", "value": "The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip files on the server, which can contain sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-35 Path Traversal: '.../...//'"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-09T18:59:21.868Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2654", "state": "PUBLISHED", "dateUpdated": "2025-08-27T21:02:57.367Z", "dateReserved": "2024-03-19T15:26:37.155Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-04-09T18:59:21.868Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:filemanagerpro:file_manager:*:*:*:*:free:wordpress:*:*", "matchCriteriaId": "C973F4BF-578B-464A-8A13-B204D571FBE3", "versionEndExcluding": "7.2.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip files on the server, which can contain sensitive information."}, {"lang": "es", "value": "El complemento File Manager para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 7.2.5 incluida a trav\u00e9s de la funci\u00f3n fm_download_backup. Esto hace posible que atacantes autenticados, con acceso de administrador y superior, lean el contenido de archivos zip arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial."}], "id": "CVE-2024-2654", "lastModified": "2025-08-27T21:15:44.383", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-09T19:15:35.947", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified"}