CVE-2024-3893 in Classified Listing Plugininfo

Summary

by MITRE • 04/25/2024

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtcl_fb_gallery_image_delete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachements.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 04/24/2025

The Classified Listing plugin for WordPress presents a critical security vulnerability that undermines data integrity through insufficient access controls. This vulnerability exists within the rtcl_fb_gallery_image_delete AJAX endpoint, which fails to properly validate user permissions before executing deletion operations. The flaw affects all plugin versions up to and including 3.0.10.3, creating a persistent risk for WordPress installations that rely on this classified ads and business directory solution. Attackers with subscriber-level privileges or higher can exploit this weakness to remove arbitrary media attachments from the WordPress media library, potentially causing significant data loss and operational disruption.

The technical implementation of this vulnerability stems from a missing capability check within the AJAX handler responsible for gallery image deletion. When an authenticated user submits a request to delete gallery images through the rtcl_fb_gallery_image_delete endpoint, the plugin does not verify whether the requesting user possesses sufficient permissions to perform such operations. This oversight violates fundamental security principles of least privilege and access control enforcement. The vulnerability aligns with CWE-285, which addresses insufficient authorization in software systems, and represents a classic case of improper access control that allows unauthorized data manipulation. The flaw essentially creates a backdoor through which users with minimal privileges can bypass normal content management restrictions.

The operational impact of this vulnerability extends beyond simple data loss, as it enables attackers to disrupt business operations and potentially compromise the integrity of classified listings. Subscribers with access to the WordPress admin panel can remove images associated with their own listings or those of other users, which may contain critical business information or customer data. This unauthorized deletion capability could be leveraged to deface listings, remove evidence of business activities, or create confusion among users. The vulnerability particularly affects businesses that rely heavily on visual content for their classified advertisements, as the loss of associated media files can severely impact the presentation and functionality of their listings. Additionally, the compromised system may experience performance degradation due to the deletion of media files that are referenced throughout the WordPress database.

Organizations using this plugin should immediately implement multiple layers of mitigation to address the vulnerability. The most critical immediate action involves updating to the latest plugin version where the capability check has been properly implemented. System administrators should also review user roles and permissions to ensure that only trusted administrators have access to the affected functionality. Network monitoring should be enhanced to detect unusual AJAX requests targeting the rtcl_fb_gallery_image_delete endpoint, which could indicate exploitation attempts. Implementing proper input validation and output encoding practices can help prevent additional attack vectors that might be combined with this vulnerability. The remediation process should include thorough auditing of deleted media files and restoration of any lost content from backups. Security teams should also consider implementing web application firewalls that can detect and block suspicious AJAX requests based on behavioral patterns and access control violations. This vulnerability demonstrates the importance of regular security audits and proper access control implementation in WordPress plugins, as even minor oversights can create significant security risks for businesses relying on classified advertising platforms.

Responsible

Wordfence

Reservation

04/16/2024

Disclosure

04/25/2024

Moderation

accepted

CPE

ready

EPSS

0.00362

KEV

no

Activities

very low

Sources

Do you know our Splunk app?

Download it now for free!