PT-2024-15971 · WordPress · Buddypress

Dominik Dziura +1

Published 2024-10-25 · Updated 2024-11-06 · CVE-2024-10011

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
BuddyPress plugin for WordPress, versions up to and including 14.1.0

Description
The issue allows authenticated attackers with Subscriber-level access and above to perform actions on files outside of the originally intended directory via the id parameter. This enables file uploads to directories outside of the web root. Depending on server configuration, it may be possible to upload files with double extensions. The issue only affects Windows.

Recommendations
For versions up to and including 14.1.0, consider restricting access to the id parameter to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the id parameter in affected API endpoints until the issue is resolved.
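The advisory describes the weakness as path traversal through a request parameter that is used to build a file path, with Windows as the affected platform. The check below is an added illustration of how a plugin can confine such a parameter to its intended directory; it is not BuddyPress code, and the function name, the upload directory layout and the sample inputs are assumptions made for this example. It rejects separator and dot-segment characters before any filesystem call, then verifies the canonical path as a second layer, comparing case-insensitively and treating "/" and "\" alike so the check holds on Windows.

```php
<?php
// Added example (not BuddyPress code): confine a file path derived from a
// request parameter to one intended upload directory. The function name,
// the directory layout and the sample inputs are assumptions.

/**
 * Resolve $id to a file inside $base_dir, or return null if it would escape.
 */
function resolve_upload_path(string $base_dir, string $id): ?string {
    // 1. Allow-list the identifier shape: letters, digits, '-' and '_' only.
    //    This rejects '..', '/' and '\' before touching the filesystem.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $id)) {
        return null;
    }

    // 2. Canonicalize the base directory. realpath() resolves symlinks and
    //    normalizes separators, so the later prefix comparison is reliable.
    $base = realpath($base_dir);
    if ($base === false) {
        return null;
    }
    $base = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    $candidate = $base . $id;

    // 3. Defence in depth: confirm the canonical candidate still lies under
    //    the canonical base. For a file that does not exist yet (a new
    //    upload), canonicalize its parent directory instead.
    $resolved = realpath($candidate);
    if ($resolved === false) {
        $parent = realpath(dirname($candidate));
        if ($parent === false) {
            return null;
        }
        $resolved = rtrim($parent, DIRECTORY_SEPARATOR)
            . DIRECTORY_SEPARATOR . basename($candidate);
    }

    // Normalize for comparison: unify separators, and ignore case on Windows,
    // where the filesystem is case-insensitive.
    $norm = function (string $p): string {
        $p = str_replace('\\', '/', $p);
        return DIRECTORY_SEPARATOR === '\\' ? strtolower($p) : $p;
    };
    $nb = $norm($base);
    if (strncmp($norm($resolved), $nb, strlen($nb)) !== 0) {
        return null;
    }
    return $resolved;
}

// Constructed usage: a scratch upload directory and three sample ids.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'bp-uploads-example';
@mkdir($base, 0700, true);

var_dump(resolve_upload_path($base, 'avatar-123'));        // well-formed id
var_dump(resolve_upload_path($base, '..\\..\\evil.php'));   // backslash traversal
var_dump(resolve_upload_path($base, '../../../evil.php'));  // slash traversal
```

The allow-list in step 1 is the control that matters; step 3 exists so that a later change to the allowed character set cannot silently reopen traversal. The double-extension concern the advisory raises is a separate control: the file name and MIME type of the uploaded content should be validated independently of the path check (in WordPress, `wp_check_filetype_and_ext()` is the usual entry point for that).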

Fix

Weakness Enumeration
Path traversal

Related Identifiers
CVE-2024-10011

Affected Products
Buddypress