WordPress Plugin Vulnerabilities

Spectra – WordPress Gutenberg Blocks < 2.12.7 - Contributor+ Path Traversal

Description

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Path Traversal via the get_block_default_attributes function. This allows authenticated attackers, with contributor-level permissions and above, to read the contents of any files named attributes.php on the server, which can contain sensitive information.

Affects Plugins

Plugin icon
ultimate-addons-for-gutenberg
Fixed in 2.12.7

References

CVE
CVE-2024-3107
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/110e5e67-b318-4ab2-9b4d-59aabcf7db7c

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Ngô Thiên An (ancorn_)
Verified
No
WPVDB ID
e50754e3-1833-4601-805f-bd3bdb5d6b7e

Timeline

Publicly Published
2024-04-26 (about 2 years ago)
Added
2024-04-29 (about 2 years ago)
Last Updated
2024-04-29 (about 2 years ago)

Other

Published
Title
Published
2024-04-25
Title
XStore Core <= 5.3.5 - Authenticated (Subscriber+) Limited Arbitrary File Download
Published
2026-04-16
Title
Client Portal (Pro) < 5.6.3 - Authenticated (CP Client+) Arbitrary File Download
Published
2026-04-02
Title
Perfmatters < 2.6.0 - Authenticated (Subscriber+) Arbitrary File Deletion via 'delete' Parameter
Published
2026-01-06
Title
Flashcard Plugin for WordPress <= 0.9 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal
Published
2014-08-01
Title
Vitamin 1.0 - minify.php path Parameter Traversal Arbitrary File Access