CVE-2024-13471 is a path traversal vulnerability classified under CWE-22 found in the DesignThemes Core Features plugin for WordPress, affecting all versions up to and including 4.7. The vulnerability stems from the dt_process_imported_file function lacking a proper capability check, which means that unauthenticated attackers can invoke this function to read arbitrary files on the underlying operating system. This occurs because the plugin fails to properly limit the pathname input, allowing traversal sequences (e.g., ../) to access files outside the intended directory scope. The vulnerability is remotely exploitable over the network without requiring any authentication or user interaction, making it highly accessible to attackers. The CVSS v3.1 score is 7.5 (high), reflecting the ease of exploitation (attack vector: network, attack complexity: low) and the severe confidentiality impact, as attackers can access sensitive files such as configuration files, password stores, or other critical data. However, the vulnerability does not affect integrity or availability of the system. No patches or official fixes are currently listed, and no known exploits have been reported in the wild as of the publication date. Given the popularity of WordPress and the widespread use of DesignThemes plugins, this vulnerability poses a substantial risk to websites using this plugin, potentially exposing sensitive information to attackers.

The primary impact of CVE-2024-13471 is unauthorized disclosure of sensitive information due to arbitrary file read capabilities. Attackers can access configuration files, credentials, private keys, or other sensitive data stored on the server, which can lead to further compromise such as privilege escalation, lateral movement, or targeted attacks. Organizations hosting WordPress sites with this plugin are at risk of data breaches, loss of customer trust, and regulatory penalties if sensitive data is exposed. Since the vulnerability requires no authentication and can be exploited remotely, it significantly lowers the barrier for attackers, including opportunistic threat actors and automated scanning tools. The scope includes all websites running the vulnerable plugin version, which may be substantial given the popularity of DesignThemes products. Although the vulnerability does not directly affect system integrity or availability, the confidentiality breach alone can have severe operational and reputational consequences.

1. Immediate mitigation should focus on restricting access to the vulnerable dt_process_imported_file function by implementing web server or application-level access controls, such as limiting HTTP methods or blocking suspicious requests containing path traversal patterns. 2. Deploy a Web Application Firewall (WAF) with custom rules to detect and block path traversal attempts targeting the DesignThemes plugin endpoints. 3. Monitor web server logs and application logs for unusual file access patterns or requests containing directory traversal sequences. 4. If possible, disable or remove the DesignThemes Core Features plugin until an official patch is released. 5. Follow DesignThemes and WordPress security advisories closely for updates or patches and apply them promptly once available. 6. Conduct a thorough audit of the server for signs of compromise, especially if the vulnerability was exposed for an extended period. 7. Educate site administrators about the risks of using outdated plugins and enforce strict plugin update policies. 8. Consider isolating WordPress instances in sandboxed environments to limit the impact of potential breaches.