CVE-2024-12719 is a vulnerability classified under CWE-862 (Missing Authorization) found in the WordPress File Upload plugin developed by nickboss. The flaw exists in the 'wfu_ajax_action_read_subfolders' function, which lacks proper capability checks to verify if the requesting user has sufficient permissions to access directory listings. This omission allows any authenticated user with at least Subscriber-level privileges to perform limited path traversal attacks, enabling them to enumerate directories and subdirectories within the WordPress environment. While the vulnerability does not permit viewing or downloading file contents, the ability to map directory structures can provide attackers with valuable information for subsequent attacks, such as identifying sensitive directories or files to target. The vulnerability affects all versions of the plugin up to and including 4.24.15. The CVSS v3.1 base score is 4.3, reflecting a medium severity due to the limited impact on confidentiality and no impact on integrity or availability. Exploitation requires authentication but no user interaction beyond that. No public exploits or patches have been reported as of the publication date, indicating the need for proactive mitigation by site administrators.

The primary impact of CVE-2024-12719 is unauthorized disclosure of directory structure information within WordPress sites using the affected plugin. This can facilitate attacker reconnaissance, enabling them to identify potentially sensitive directories or files, which may lead to more targeted attacks such as privilege escalation, exploitation of other vulnerabilities, or social engineering. Although direct file content access is not possible, the exposure of directory layouts can weaken the security posture of affected sites. Organizations relying on the WordPress File Upload plugin may face increased risk of information leakage, especially if they allow broad Subscriber-level access or have sensitive data stored in predictable directory structures. The vulnerability does not affect system integrity or availability directly but can be a stepping stone for more severe attacks. Given WordPress's widespread use globally, the threat has a broad potential impact, particularly for websites with multiple user roles and contributors.

To mitigate this vulnerability, organizations should immediately review and restrict user roles and permissions, ensuring that Subscriber-level or equivalent users have minimal access rights. Administrators should consider temporarily disabling or uninstalling the WordPress File Upload plugin until an official patch is released. Monitoring plugin updates from nickboss and applying patches promptly once available is critical. Additionally, implementing web application firewalls (WAFs) with rules to detect and block suspicious AJAX requests targeting 'wfu_ajax_action_read_subfolders' can reduce exploitation risk. Site owners should audit logs for unusual directory enumeration attempts and educate users about the risks of elevated privileges. Employing the principle of least privilege for all authenticated users and regularly reviewing user access can further reduce exposure. Finally, consider isolating sensitive directories with additional access controls or moving sensitive files outside the webroot where feasible.