CVE-2024-13604: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in logoninc KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin
CVE-2024-13604 is a high-severity vulnerability in the KB Support – Customer Support Ticket & Helpdesk Plugin for WordPress, affecting all versions up to 1.7.4. It allows unauthenticated attackers to access sensitive information stored insecurely in the /wp-content/uploads/kbs directory, which may include file attachments from support tickets. The vulnerability is due to improper access controls exposing sensitive data (CWE-200). It requires no authentication or user interaction and can be exploited remotely over the network. Although partially patched in version 1.7.3.2, versions up to 1.
AI Analysis
Technical Summary
CVE-2024-13604 is a vulnerability classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) affecting the KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin for WordPress. This plugin, widely used for managing customer support tickets and knowledge bases, stores file attachments and sensitive data related to support tickets in the /wp-content/uploads/kbs directory. Due to improper access controls, this directory and its contents are accessible without authentication, allowing any remote attacker to retrieve sensitive files. The vulnerability affects all plugin versions up to and including 1.7.4, with a partial fix introduced in version 1.7.3.2 that did not fully resolve the issue. The CVSS v3.1 score is 7.5, reflecting high severity due to the ease of exploitation (network accessible, no privileges or user interaction required) and the high confidentiality impact. The vulnerability does not affect integrity or availability but poses a significant risk of data leakage, potentially exposing sensitive customer information, internal communications, or proprietary data contained in support ticket attachments. No public exploits have been reported yet, but the exposure of sensitive data makes this a critical concern for organizations relying on this plugin for customer support operations.
Potential Impact
The primary impact of CVE-2024-13604 is the unauthorized disclosure of sensitive information, which can include personal data, confidential business information, or proprietary files attached to support tickets. This exposure can lead to privacy violations, regulatory non-compliance (e.g., GDPR, HIPAA), reputational damage, and potential follow-on attacks such as social engineering or targeted phishing. Since the vulnerability requires no authentication and is remotely exploitable, it significantly increases the attack surface for organizations using the affected plugin. The breach of sensitive support ticket data could undermine customer trust and expose organizations to legal liabilities. Additionally, attackers could use the leaked information to escalate attacks or gain further access to internal systems. The scope of impact is broad, affecting any WordPress site using the vulnerable plugin versions, which may include small businesses, enterprises, and service providers worldwide.
Mitigation Recommendations
1. Immediate upgrade: Organizations should update the KB Support plugin to the latest version beyond 1.7.4 once a full patch is released. Until then, consider disabling the plugin if feasible.
2. Access restrictions: Implement web server-level access controls (e.g., .htaccess rules for Apache or equivalent for NGINX) to restrict public access to the /wp-content/uploads/kbs directory, allowing only authenticated users or internal IP ranges.
3. File permissions: Review and tighten file and directory permissions to prevent unauthorized read access.
4. Monitoring and logging: Enable detailed access logs for the uploads directory to detect any suspicious access attempts.
5. Data minimization: Avoid storing sensitive attachments in publicly accessible directories; consider encrypting sensitive files at rest.
6. Incident response: Prepare to notify affected customers if sensitive data exposure is confirmed.
7. Vendor engagement: Monitor vendor announcements for official patches and guidance.
8. Web Application Firewall (WAF): Deploy rules to block unauthorized requests targeting the vulnerable directory.
These steps go beyond generic advice by focusing on immediate containment and layered defenses until a full patch is available.
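As an added example supporting the monitoring and incident-response items above (this is not code from the advisory or from the plugin), the following Python script triages combined-format web server access logs: it decodes and normalizes request paths, keeps only successful (2xx) reads under /wp-content/uploads/kbs from sources outside a trusted network, and groups them by source address so a responder can see what was actually disclosed and to whom. The log lines and the 10.0.0.0/8 trusted range are constructed assumptions.

```python
import ipaddress
import posixpath
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample lines in the Apache/NGINX "combined" log format (not from any real incident).
SAMPLE_LOG = """\
203.0.113.45 - - [25/Feb/2026:21:49:23 +0000] "GET /wp-content/uploads/kbs/2026/02/ticket-1042-invoice.pdf HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
203.0.113.45 - - [25/Feb/2026:21:49:24 +0000] "GET /wp-content/uploads/kbs/ HTTP/1.1" 200 1932 "-" "Mozilla/5.0"
10.0.0.12 - - [25/Feb/2026:21:50:01 +0000] "GET /wp-content/uploads/kbs/2026/02/ticket-1042-invoice.pdf HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
198.51.100.7 - - [25/Feb/2026:21:51:10 +0000] "GET /wp-content/uploads/kbs/2026/01/notes.docx HTTP/1.1" 403 199 "-" "curl/8.0"
198.51.100.7 - - [25/Feb/2026:21:51:11 +0000] "GET /wp-content/uploads/kbs/2026/01/ticket%2011%20notes.txt HTTP/1.1" 200 880 "-" "curl/8.0"
198.51.100.7 - - [25/Feb/2026:21:51:12 +0000] "GET /wp-content/uploads/2026/02/logo.png HTTP/1.1" 200 5120 "-" "curl/8.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)
KBS_DIR = "/wp-content/uploads/kbs"                   # directory named in the advisory
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumption: your internal range

def is_trusted(ip, trusted_nets):
    """True if the source address falls inside one of the trusted networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in trusted_nets)

def find_exposed_reads(log_text, trusted_nets=TRUSTED_NETS):
    """Map each untrusted source IP to the kbs paths it fetched successfully (2xx)."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        # Decode %XX escapes and collapse "." / ".." so encoded variants are not missed.
        path = unquote(m.group("path").split("?", 1)[0])
        norm = posixpath.normpath(path)
        if norm != KBS_DIR and not norm.startswith(KBS_DIR + "/"):
            continue
        if not m.group("status").startswith("2"):
            continue  # 403/404: nothing was disclosed
        if is_trusted(m.group("ip"), trusted_nets):
            continue
        hits[m.group("ip")].append(path)
    return dict(hits)

if __name__ == "__main__":
    for ip, paths in find_exposed_reads(SAMPLE_LOG).items():
        print(ip, "->", paths)
```

A path ending in "/" in the output indicates a directory index was served, which is worth treating as disclosure of every file listed there.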
Affected Countries
United States, United Kingdom, Germany, Canada, Australia, France, India, Brazil, Japan, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-01-21T19:43:35.544Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6e63b7ef31ef0b59f5b4
Added to database: 2/25/2026, 9:49:23 PM
Last enriched: 2/25/2026, 11:12:20 PM
Last updated: 2/26/2026, 8:39:14 AM