add CVE-2024-9047

[Kazgangap]

WordPress File Upload <= 4.24.11 - Unauthenticated Path Traversal to Arbitrary File Read and Deletion in wfu_file_downloader.php

The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier.

The ‘Cookie’ variable can remain as it is.
poc script: https://github.com/iSee857/CVE-2024-9047-PoC

• Fixed CVE-2020-XXX / Added CVE-2020-XXX / Updated CVE-2020-XXX
• References:

Template Validation

I've validated this template locally?

• YES
• NO

Additional Details (leave it blank if not applicable)

Additional References:

• Nuclei Template Creation Guideline
• Nuclei Template Matcher Guideline
• Nuclei Template Contribution Guideline
• PD-Community Discord server

[DhiyaneshGeek]

HI @Kazgangap

There are hardcoded values present in both request and the cookie , are these values required for the exploit ?

i tried updating the template , but couldn't get it working

kindly update the template

Thanks

[Kazgangap]

HI @Kazgangap

There are hardcoded values present in both request and the cookie , are these values required for the exploit ?

i tried updating the template , but couldn't get it working

kindly update the template

Thanks

Hello @DhiyaneshGeek
I replaced the hardcoded values with dynamic values as you suggested. The template works.