CVE-2024-13791

MEDIUM

Bitapps Bit Assist < 1.5.3 - Path Traversal

Title source: rule

Description

Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the downloadResponseFile() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

References (4)

[Product] https://github.com/WordPressBugBounty/plugins-bit-assist/blob/main/bit-assist/backend/app/HTTP/Controllers/DownloadController.php

View Writeup ZIP pw:eip

[Patch] https://plugins.trac.wordpress.org/changeset/3239816/#file3

[Product, Release Notes] https://wordpress.org/plugins/bit-assist/#developers

[Third Party Advisory] https://www.wordfence.com/threat-intel/vulnerabilities/id/17fd14e7-503a-49e4-9344-5f8d51801eb3?source=cve

Scores

CVSS v3 4.9

EPSS 0.0032

EPSS Percentile 54.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-22 CWE-23

Status published

Affected Products (1)

bitapps/bit_assist < 1.5.3

Timeline

Published Feb 14, 2025

Tracked Since Feb 18, 2026