CVE-2024-13567: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in awesomesupport Awesome Support – WordPress HelpDesk & Support Plugin
CVE-2024-13567 is a high-severity vulnerability in the Awesome Support WordPress HelpDesk & Support Plugin affecting all versions up to 6.3.1. It allows unauthenticated attackers to access sensitive information stored insecurely in the /wp-content/uploads/awesome-support directory, including file attachments from support tickets. The vulnerability arises from improper access controls on uploaded files, leading to exposure of confidential data without requiring authentication or user interaction. Although partially patched in version 6.3.1, earlier versions remain vulnerable. Exploitation requires only network access and no privileges, making it relatively easy to exploit. There are no known exploits in the wild yet, but the potential for data leakage is significant.
AI Analysis
Technical Summary
CVE-2024-13567 is a vulnerability classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) affecting the Awesome Support – WordPress HelpDesk & Support Plugin. This plugin is widely used to manage support tickets within WordPress environments. The vulnerability exists because sensitive data, specifically file attachments included in support tickets, are stored in the /wp-content/uploads/awesome-support directory without adequate access controls. This misconfiguration allows unauthenticated attackers to directly access and download these files by navigating to the directory path, bypassing any authentication or authorization mechanisms. The issue affects all versions up to and including 6.3.1, with a partial patch applied in version 6.3.1 that does not fully mitigate the risk. The vulnerability is remotely exploitable over the network without any user interaction or privileges, making it straightforward for attackers to harvest sensitive information such as personal data, proprietary documents, or confidential communications. The CVSS v3.1 base score is 7.5, indicating a high severity primarily due to the high confidentiality impact (C:H), no integrity (I:N), and no availability (A:N) impact. No known exploits have been reported in the wild yet, but the exposure of sensitive attachments poses a significant risk to organizations relying on this plugin for customer support and ticket management. The vulnerability highlights the importance of secure file storage and access control in web applications, especially those handling sensitive customer data.
Potential Impact
The primary impact of CVE-2024-13567 is the unauthorized disclosure of sensitive information stored in support ticket attachments. Organizations using the Awesome Support plugin risk exposure of confidential customer data, internal communications, and proprietary documents. This can lead to privacy violations, regulatory non-compliance (e.g., GDPR, HIPAA), reputational damage, and potential legal liabilities. Since the vulnerability does not affect integrity or availability, attackers cannot modify data or disrupt services directly, but the confidentiality breach alone is significant. The ease of exploitation without authentication increases the likelihood of automated scanning and mass data harvesting by attackers. Organizations with high volumes of sensitive support tickets or regulated data are particularly vulnerable. Additionally, attackers could use the exposed information for further targeted attacks such as phishing or social engineering. The lack of known exploits in the wild currently limits immediate risk, but the vulnerability remains a critical concern until fully patched and mitigated.
Mitigation Recommendations
1. Immediately update the Awesome Support plugin to the latest version where the vulnerability is partially patched, and monitor for future updates that fully address the issue.
2. Restrict direct access to the /wp-content/uploads/awesome-support directory by implementing web server access controls such as .htaccess rules for Apache or location blocks for Nginx to deny or require authentication for file access.
3. Move sensitive file attachments outside of publicly accessible directories or serve them through controlled, authenticated endpoints that verify user permissions before delivering files.
4. Regularly audit and review file storage configurations and permissions within WordPress to ensure no sensitive data is exposed unintentionally.
5. Implement web application firewalls (WAFs) with rules to detect and block suspicious requests targeting the vulnerable directory paths.
6. Educate support staff and administrators about the risks of storing sensitive attachments and encourage encryption or redaction where feasible.
7. Monitor logs for unusual access patterns to the affected directories to detect potential exploitation attempts.
8. Consider additional plugin alternatives or custom solutions that follow secure file handling best practices if the vendor does not provide a complete fix promptly.
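A web server rule that implements recommendation 2 above, added here as an example and not taken from the plugin or its vendor; it assumes Apache 2.4 with `AllowOverride` permitting `.htaccess` files under the uploads tree, and uses the directory path named in this advisory.

```apache
# Place this file at /wp-content/uploads/awesome-support/.htaccess
# It blocks every direct HTTP request for files in this directory and
# its subdirectories, so ticket attachments are no longer reachable by URL.

# Apache 2.4 authorization syntax
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>

# Fallback for Apache 2.2 hosts that still use mod_access_compat
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>

# Defence in depth: never execute scripts from the uploads tree, in case
# an attachment with a server-side extension was ever accepted.
<FilesMatch "\.(php|phtml|php[0-9]|phar)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
</FilesMatch>
```

Denying everything also blocks the plugin's own attachment links, so pair this rule with recommendation 3 (a PHP handler that checks the requesting user's permissions on the ticket before reading the file from disk and streaming it). The Nginx equivalent is a `location ^~ /wp-content/uploads/awesome-support/ { deny all; }` block in the server configuration.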
Affected Countries
United States, United Kingdom, Germany, Canada, Australia, India, Brazil, France, Netherlands, Japan, South Africa, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-01-21T02:50:46.202Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 699f6e61b7ef31ef0b59f411
Added to database: 2/25/2026, 9:49:21 PM
Last enriched: 2/25/2026, 11:26:35 PM
Last updated: 2/26/2026, 8:07:49 AM