CVE-2024-13418: CWE-434 Unrestricted Upload of File with Dangerous Type in G5Theme Benaa Framework
Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts() function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that can make remote code execution possible. This issue was escalated to Envato over two months from the date of this disclosure and the issue, while partially patched, is still vulnerable.
AI Analysis
Technical Summary
This vulnerability (CVE-2024-13418) affects multiple plugins and themes using the G5Theme Benaa Framework for WordPress. The ajaxUploadFonts() function lacks proper capability checks, allowing authenticated users with low privileges (Subscriber and above) to upload arbitrary files. This can enable remote code execution if malicious files are uploaded and executed. Although the issue was escalated to Envato and partially patched, the vulnerability persists in some form. No official patch links are provided, and the vendor advisory status is not available, so patch status remains unconfirmed.
Potential Impact
Successful exploitation allows an authenticated user with minimal privileges to upload arbitrary files, which can lead to remote code execution. This compromises the confidentiality, integrity, and availability of the affected WordPress site. Given the high CVSS score (8.8), the impact is significant, potentially allowing attackers to fully control the affected system.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the issue is partially patched but still vulnerable, administrators should monitor for updates from G5Theme or Envato. Until a full fix is available, restrict user privileges and consider disabling or removing the affected ajaxUploadFonts() functionality if possible to reduce risk.
CVE-2024-13418: CWE-434 Unrestricted Upload of File with Dangerous Type in G5Theme Benaa Framework
Description
Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts() function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that can make remote code execution possible. This issue was escalated to Envato over two months from the date of this disclosure and the issue, while partially patched, is still vulnerable.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2024-13418) affects multiple plugins and themes using the G5Theme Benaa Framework for WordPress. The ajaxUploadFonts() function lacks proper capability checks, allowing authenticated users with low privileges (Subscriber and above) to upload arbitrary files. This can enable remote code execution if malicious files are uploaded and executed. Although the issue was escalated to Envato and partially patched, the vulnerability persists in some form. No official patch links are provided, and the vendor advisory status is not available, so patch status remains unconfirmed.
Potential Impact
Successful exploitation allows an authenticated user with minimal privileges to upload arbitrary files, which can lead to remote code execution. This compromises the confidentiality, integrity, and availability of the affected WordPress site. Given the high CVSS score (8.8), the impact is significant, potentially allowing attackers to fully control the affected system.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the issue is partially patched but still vulnerable, administrators should monitor for updates from G5Theme or Envato. Until a full fix is available, restrict user privileges and consider disabling or removing the affected ajaxUploadFonts() functionality if possible to reduce risk.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-01-15T18:30:23.100Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682d9838c4522896dcbec0c3
Added to database: 5/21/2025, 9:09:12 AM
Last enriched: 4/9/2026, 6:34:54 AM
Last updated: 5/7/2026, 2:18:09 AM
Views: 81
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.