# WordPress Automatic Plugin <= 3.92.0 - Unauthenticated Arbitrary File Download and SSRF
## Overview
The WP Automatic plugin for WordPress (CVE-2024-27954) contains a path traversal vulnerability that an unauthenticated attacker can use to download arbitrary files from the site and to perform server-side request forgery (SSRF). The PoC entries listed below locate the flaw in the plugin's downloader.php and report it fixed in version 3.92.1.
## Affected versions
- From n/a through 3.92.0
## Vulnerability details
A path traversal vulnerability lets an attacker supply a crafted file path, typically one containing `../` sequences, so that the application reads or manipulates files outside the directory it intended to expose. In this case the affected endpoint requires no authentication.
## Impact
- An attacker can read files internal to the site, including ones holding login credentials and backup files, and can abuse the same download functionality for SSRF, making the server fetch attacker-chosen URLs and reach hosts that are not directly exposed.
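The two bug classes named above, as an added example that is not WP Automatic's downloader.php: a "download this file" handler that joins a user-controlled path without confinement (traversal) and fetches a user-controlled URL without restriction (SSRF), each beside a hardened version. The upload directory, the hostnames and the fake DNS table are constructed for the demo and do not come from the advisory.

```python
# Example code, not the plugin's. UPLOAD_DIR and FAKE_DNS are constructed
# so the demo runs offline; the directory need not exist on disk.
import ipaddress
import os
import socket
from urllib.parse import urlparse

UPLOAD_DIR = "/srv/example-site/wp-content/uploads"  # hypothetical


def vulnerable_resolve(base_dir: str, requested: str) -> str:
    """Naive join: '../' sequences, or an absolute path, walk out of base_dir."""
    return os.path.join(base_dir, requested)


def safe_resolve(base_dir: str, requested: str):
    """Canonicalise and confine to base_dir; return None when the path escapes."""
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath (not startswith) also rejects the sibling-prefix trick,
    # e.g. /srv/uploads2 when base is /srv/uploads
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate


# Address ranges a fetch-on-behalf-of-a-user must never reach.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]


def resolve_all(host: str, port: int):
    """Real resolver: every address the OS would consider connecting to."""
    return [info[4][0] for info in socket.getaddrinfo(host, port)]


def is_safe_remote_url(url: str, resolver=resolve_all) -> bool:
    """Allow only http(s) URLs whose every resolved address is public.

    The caller must then connect to one of the addresses checked here instead
    of re-resolving the name, otherwise DNS rebinding bypasses the check.
    """
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return False
    try:
        addrs = resolver(parsed.hostname, parsed.port or 80)
    except (OSError, ValueError):
        return False  # NXDOMAIN, bad port, etc.: fail closed
    if not addrs:
        return False
    for raw in addrs:
        addr = ipaddress.ip_address(raw.split("%")[0])  # drop IPv6 scope id
        if any(addr in net for net in BLOCKED_NETS):
            return False
    return True


# Constructed DNS answers for the offline demo.
FAKE_DNS = {
    "feeds.example.net": ["203.0.113.7"],
    "rebind.example.net": ["203.0.113.7", "127.0.0.1"],  # mixed answers
    "metadata.internal": ["169.254.169.254"],
}


def fake_resolver(host: str, port: int):
    """Stand-in for resolve_all: literal IPs pass through, names use FAKE_DNS."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        pass
    if host not in FAKE_DNS:
        raise socket.gaierror("NXDOMAIN")
    return FAKE_DNS[host]


if __name__ == "__main__":
    print(vulnerable_resolve(UPLOAD_DIR, "../../wp-config.php"))
    print(safe_resolve(UPLOAD_DIR, "../../wp-config.php"))
    for u in ("https://feeds.example.net/rss", "http://127.0.0.1:8080/",
              "http://rebind.example.net/", "http://metadata.internal/latest/",
              "file:///etc/passwd"):
        print(u, is_safe_remote_url(u, fake_resolver))
```

The traversal check relies on realpath plus commonpath rather than stripping `../` from the input, so encoded or doubled sequences are irrelevant: whatever the path decodes to, it is rejected unless it lands inside the base directory. The SSRF check rejects a name if any of its answers is private, which is what defeats the mixed-answer record in the constructed table.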
# | PoC description | Source |
---|---|---|
1 | Automatic Plugin for WordPress < 3.92.1 Multiple Vulnerabilities | https://github.com/fa-rrel/CVE-2024-27954 |
2 | (no description) | https://github.com/Quantum-Hacker/CVE-2024-27954 |
3 | Automatic Plugin for WordPress < 3.92.1 Multiple Vulnerabilities | https://github.com/gh-ost00/CVE-2024-27954 |
4 | WordPress Automatic plugin < 3.92.1 is vulnerable to unauthenticated arbitrary file download and SSRF. Located in the downloader.php file, the flaw could permit attackers to download any file from a site; sensitive data, including login credentials and backup files, could fall into the wrong hands. Patched in version 3.92.1. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-27954.yaml |
5 | (no description) | https://github.com/r0otk3r/CVE-2024-27954 |