WordPress CVE-2024-12849

Severity: HIGH (CVSS 3.1 base score 7.5, NVD)
Weakness: Path Traversal (CWE-22)
Published: 2025-01-07 (CNA contact: security@wordfence.com)

Severity by source

NVD (primary): 7.5 HIGH, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD; only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Lifecycle Timeline

Analysis Generated: Mar 28, 2026 - 18:02 (vuln.today)
CVE Published: Jan 07, 2025 - 06:15 (nvd), rated HIGH 7.5

Description (CVE.org)

The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wp_ajax_nopriv_elvwp_log_download AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.

Analysis (AI)

The Error Log Viewer By WP Guru plugin for WordPress through version 1.0.1.3 exposes an unauthenticated AJAX endpoint that allows arbitrary file read via path traversal. Attackers can extract wp-config.php, database credentials, and any file readable by the web server process.

Technical Context (AI)

The wp_ajax_nopriv_elvwp_log_download AJAX action accepts a filename parameter without proper path validation. By injecting directory traversal sequences (../), an attacker can read any file on the server that the web server process has permission to access. The nopriv registration means no WordPress authentication is required.
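The defect described above is the classic CWE-22 shape: a user-supplied file name is joined to a directory and opened without checking where the result lands. The following Python is an added illustration, not the plugin's code, of the vulnerable join beside a hardened resolver that applies two independent layers (an allow-list on the raw name, then a containment check on the canonicalised path). The log directory path and the ".log" naming rule are assumptions made for the example; the page does not document the plugin's layout.

```python
import os
import re

# Hypothetical location of the plugin's log files (assumption for this example;
# the real layout is not documented on the page).
LOG_DIR = "/var/www/html/wp-content/uploads/elvwp-logs"

# Allow-list for a download endpoint that only ever needs a flat file name:
# no path separators, no percent signs, must end in ".log" (assumed convention).
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*\.log$")


class PathRejected(ValueError):
    """Raised when a requested file name must not be served."""


def unsafe_join(base_dir: str, requested: str) -> str:
    """The pattern the advisory describes: the parameter is joined to the log
    directory with no validation, so '../' sequences walk out of it."""
    return os.path.normpath(os.path.join(base_dir, requested))


def resolve_log_path(base_dir: str, requested: str) -> str:
    """Return the canonical path of `requested` inside `base_dir`, or raise.

    Layer 1 rejects anything that is not a plain log file name. Layer 2
    canonicalises and confirms containment, so that if the allow-list is
    later relaxed (sub-directories, say) the endpoint still cannot escape.
    """
    if "\x00" in requested:
        raise PathRejected("null byte in file name")
    if not SAFE_NAME.fullmatch(requested):
        raise PathRejected("file name outside allow-list")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath is component-aware, unlike str.startswith(), so a sibling
    # directory such as ".../elvwp-logs-old" is not mistaken for the base.
    if os.path.commonpath([base, candidate]) != base:
        raise PathRejected("resolved path escapes the log directory")
    return candidate


def is_safe_request(base_dir: str, requested: str) -> bool:
    """Boolean wrapper around resolve_log_path, convenient for a pre-check."""
    try:
        resolve_log_path(base_dir, requested)
        return True
    except PathRejected:
        return False


def escapes_base(base_dir: str, requested: str) -> bool:
    """True when the unvalidated join would land outside base_dir (for contrast)."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(unsafe_join(base, requested))
    return os.path.commonpath([base, target]) != base


if __name__ == "__main__":
    for name in ("error.log", "../../../wp-config.php", "error.log\x00.txt"):
        print(f"{name!r}: unvalidated join escapes={escapes_base(LOG_DIR, name)}, "
              f"validated accept={is_safe_request(LOG_DIR, name)}")
```

The containment check alone is not sufficient in a real handler: realpath follows symlinks, so a symlink placed inside the log directory would still resolve outside it and be rejected, which is the desired behaviour, but the allow-list is what keeps the endpoint's surface small in the first place.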

Affected Products (AI)

Error Log Viewer By WP Guru <= 1.0.1.3 (WordPress sites with the plugin installed)

Remediation (AI)

Remove or deactivate the Error Log Viewer By WP Guru plugin immediately. Rotate database credentials and WordPress authentication keys/salts. Review access logs for requests to the elvwp_log_download AJAX action.
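The log review step above can be scripted. The Python below is an added example, not tooling from vuln.today or the plugin author: it parses Apache/nginx combined-format access log lines, keeps only admin-ajax.php requests whose action is elvwp_log_download, fully percent-decodes the query string so double-encoded sequences are visible, and flags traversal markers. The sample lines are constructed (documentation IP ranges), and the `file` parameter name in them is a guess; the page does not name the vulnerable parameter, which is why the scan inspects the whole decoded query rather than one field.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access log lines (combined format). The "file" parameter
# name is hypothetical; the advisory does not name the vulnerable parameter.
SAMPLE_LOG = [
    '203.0.113.7 - - [07/Jan/2025:06:20:11 +0000] "GET /wp-admin/admin-ajax.php?action=elvwp_log_download&file=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 3124 "-" "curl/8.4.0"',
    '198.51.100.23 - - [07/Jan/2025:06:21:45 +0000] "GET /wp-admin/admin-ajax.php?action=elvwp_log_download&file=error.log HTTP/1.1" 200 8812 "-" "Mozilla/5.0"',
    '192.0.2.9 - - [07/Jan/2025:06:22:03 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 51 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [07/Jan/2025:06:23:30 +0000] "GET /wp-admin/admin-ajax.php?action=elvwp_log_download&file=%252e%252e%252fwp-config.php HTTP/1.1" 404 212 "-" "curl/8.4.0"',
    '203.0.113.7 - - [07/Jan/2025:06:24:02 +0000] "GET /index.php HTTP/1.1" 200 4021 "-" "curl/8.4.0"',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+)'
)
TRAVERSAL = re.compile(r"\.\.[/\\]")
AJAX_ACTION = "elvwp_log_download"  # the nopriv action named in the advisory


def decode_fully(s, rounds=3):
    """Undo up to `rounds` layers of percent-encoding so %252e%252e reads as '..'."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def find_elvwp_requests(lines):
    """Return one dict per request that invoked the elvwp_log_download action."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("/admin-ajax.php"):
            continue
        params = parse_qs(parts.query, keep_blank_values=True)
        if AJAX_ACTION not in params.get("action", []):
            continue
        decoded = decode_fully(parts.query)
        hits.append({
            "ip": m.group("ip"),
            "time": m.group("time"),
            "status": int(m.group("status")),
            "query": decoded,
            "traversal": bool(TRAVERSAL.search(decoded)),
        })
    return hits


def triage(hits):
    """Group hits by client IP: request count, any traversal marker, 2xx count."""
    by_ip = {}
    for h in hits:
        entry = by_ip.setdefault(h["ip"], {"requests": 0, "traversal": False, "served_2xx": 0})
        entry["requests"] += 1
        entry["traversal"] = entry["traversal"] or h["traversal"]
        if 200 <= h["status"] < 300:
            entry["served_2xx"] += 1
    return by_ip


if __name__ == "__main__":
    for ip, summary in triage(find_elvwp_requests(SAMPLE_LOG)).items():
        print(ip, summary)
```

A 2xx response to a request carrying a traversal marker is the strongest indicator that a file was actually served and should drive the credential rotation above. Two caveats when reading the results: WordPress AJAX actions are usually sent in a POST body, which access logs do not record, so a bare "POST /wp-admin/admin-ajax.php" line cannot be classified this way and an empty result is not evidence that the endpoint was never abused; and the response size column is often the only hint of what was returned, since the file contents themselves are not logged.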


CVE-2024-12849 vulnerability details – vuln.today
