CVE-2024-13374 is a vulnerability identified in the WP Table Manager plugin for WordPress, developed by JoomUnited. The issue stems from a missing authorization (CWE-862) on the AJAX action 'thewptm_getFolders', which is responsible for retrieving folder information. This missing capability check means that any authenticated user with at least Subscriber-level access can invoke this AJAX endpoint to enumerate arbitrary file names and directories on the server. The vulnerability affects all plugin versions up to and including 4.1.3. The attack vector is network-based and does not require user interaction, making exploitation straightforward for authenticated users. The CVSS 3.1 base score is 4.3 (medium), reflecting limited confidentiality impact without integrity or availability compromise. The flaw does not allow modification or deletion of files but leaks directory and file name information, which can facilitate further attacks such as targeted phishing, privilege escalation, or exploitation of other vulnerabilities. No patches or official fixes are currently linked, and no known exploits have been reported in the wild. The vulnerability is particularly concerning for WordPress sites that allow user registrations at Subscriber level or higher, as these accounts can be leveraged to extract sensitive directory structure information.

The primary impact of CVE-2024-13374 is unauthorized disclosure of directory and file names within the WordPress environment hosting the WP Table Manager plugin. This information disclosure can aid attackers in mapping the file system, identifying sensitive files, configuration files, or backup data, and planning more targeted attacks such as privilege escalation, code injection, or data exfiltration. While the vulnerability does not directly allow modification or deletion of files, the reconnaissance advantage it provides can significantly increase the risk profile of affected sites. Organizations running WordPress sites with this plugin, especially those with open user registration or multiple user roles, face increased risk of information leakage. This can lead to reputational damage, data breaches, or further compromise if combined with other vulnerabilities. The vulnerability affects a broad scope of systems globally due to the widespread use of WordPress and the popularity of the WP Table Manager plugin among site administrators for managing tables within content.

To mitigate CVE-2024-13374, organizations should first check for and apply any available updates or patches from JoomUnited addressing this vulnerability. If no official patch is available, administrators should consider temporarily disabling the WP Table Manager plugin or restricting access to the AJAX endpoint 'thewptm_getFolders' via web application firewall (WAF) rules or server-level access controls. Additionally, review and tighten user role permissions to limit Subscriber-level or higher access only to trusted users, reducing the attack surface. Implement monitoring and logging of AJAX requests to detect unusual access patterns to this endpoint. Employ security plugins that enforce capability checks and restrict unauthorized AJAX actions. Finally, conduct regular security audits and vulnerability scans to identify and remediate similar authorization issues proactively.