CVE-2024-13529 is a vulnerability classified under CWE-862 (Missing Authorization) found in the SocialV - Social Network and Community BuddyPress Theme for WordPress, developed by iqonicdesign. The issue arises from the 'socialv_send_download_file' function, which fails to perform proper capability checks before allowing file downloads. This missing authorization check enables any authenticated user with at least Subscriber-level privileges to download arbitrary files from the web server hosting the WordPress site. Since Subscriber-level access is commonly granted to registered users, the attack surface is broad within affected sites. The vulnerability affects all versions up to and including 2.0.15. The CVSS v3.1 score is 6.5 (medium severity), reflecting the network attack vector, low attack complexity, and the requirement for privileges but no user interaction. The flaw compromises confidentiality by exposing potentially sensitive files but does not impact data integrity or system availability. No patches or official fixes have been linked yet, and no known exploits have been reported in the wild as of the publication date. However, the vulnerability’s nature makes it a candidate for exploitation in environments where the theme is deployed, especially in community or social networking sites using BuddyPress. The vulnerability highlights the importance of enforcing strict authorization checks on all file access functions within WordPress themes and plugins.

This vulnerability allows attackers with minimal privileges (Subscriber-level) to access arbitrary files on the server, potentially exposing sensitive information such as configuration files, user data, or credentials stored in files. The confidentiality breach could lead to further attacks, including credential theft, privilege escalation, or targeted exploitation based on the exposed data. Since the vulnerability does not affect integrity or availability, the immediate operational impact is limited; however, the exposure of sensitive files can have severe consequences for privacy and security compliance. Organizations running WordPress sites with the SocialV theme, especially those hosting user-generated content or sensitive data, face increased risk of data leakage. The broad user base of WordPress and the popularity of BuddyPress themes amplify the potential impact globally. Attackers do not require user interaction beyond authentication, making exploitation feasible in environments with low user privilege segregation or where subscriber accounts are easily obtained.

To mitigate this vulnerability, organizations should first check for any official patches or updates from iqonicdesign and apply them promptly once available. In the absence of an official patch, administrators should consider temporarily disabling or restricting access to the vulnerable 'socialv_send_download_file' functionality, possibly by modifying the theme code to add proper capability checks (e.g., verifying user roles before allowing file downloads). Implementing strict file system permissions on the server to limit access to sensitive files can reduce exposure. Monitoring and auditing user accounts with Subscriber-level access to ensure they are legitimate and minimizing the number of such accounts can also help reduce risk. Additionally, deploying Web Application Firewalls (WAFs) with custom rules to detect and block suspicious requests targeting the vulnerable function may provide interim protection. Regular security assessments and penetration testing focused on authorization controls in WordPress themes and plugins are recommended to detect similar issues proactively.