CVE-2024-13829 in Form Builder Plugininfo

Summary

by MITRE • 02/05/2025

The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.0.8 via the 'attachments.php' file. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via forms.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 02/05/2025

The Tripetto plugin for WordPress represents a critical vulnerability landscape within the WordPress ecosystem, specifically targeting the form builder component that handles contact forms, surveys, and quizzes. This vulnerability manifests through the 'attachments.php' file which serves as an entry point for unauthorized data access. The exposure affects all plugin versions up to and including 8.0.8, creating a widespread risk across numerous WordPress installations that rely on this particular plugin for user data collection and management. The vulnerability stems from inadequate access controls and authentication mechanisms within the plugin's file handling system.

The technical flaw resides in the insufficient authorization checks implemented within the attachments.php script, which fails to verify whether the requesting user possesses proper credentials or permissions to access uploaded form attachments. This misconfiguration allows any unauthenticated attacker to directly access the file system paths where form submissions and associated attachments are stored. The vulnerability operates at the application layer and specifically targets the plugin's file retrieval functionality, bypassing WordPress's standard authentication mechanisms. Attackers can exploit this weakness by directly accessing the vulnerable endpoint with predictable file paths or through parameter manipulation techniques that reveal the location of uploaded attachments.

The operational impact of this vulnerability extends beyond simple data exposure, as it enables comprehensive data harvesting from potentially sensitive user submissions. Unauthenticated attackers can systematically extract all files uploaded through forms, including personal information, survey responses, quiz answers, and potentially confidential business data. This exposure creates significant risks for organizations relying on the plugin for data collection, as it undermines the confidentiality assurances typically expected from form submission systems. The vulnerability particularly affects businesses that process personal data, healthcare providers, educational institutions, and any organization handling sensitive information through WordPress forms.

Security practitioners should implement immediate mitigations including disabling or removing the vulnerable plugin until a patched version is available, implementing web application firewalls to block access to the specific vulnerable endpoint, and conducting thorough audits of all form builder plugins in use. The vulnerability aligns with CWE-200, which addresses information exposure, and maps to ATT&CK technique T1213.002 for data from information repositories. Organizations should also review their file permissions and access controls, implement proper input validation, and consider deploying monitoring solutions to detect unauthorized access attempts to form attachment directories. Regular security assessments and patch management processes become critical to prevent exploitation of similar vulnerabilities in other WordPress plugins and systems.

Responsible

Wordfence

Reservation

02/04/2025

Disclosure

02/05/2025

Moderation

accepted

CPE

ready

EPSS

0.00402

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!