CVE-2024-13611

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 1, 2025

CWE ID 200

Summary

CVE-2024-13611 is a vulnerability affecting the Better Messages – Live Chat plugin for WordPress and related platforms. In all versions up to 2.6.9, sensitive information is exposed due to insecure file handling in the 'bp-better-messages' directory. Unauthenticated attackers can exploit this issue and gain access to chat file attachments stored in the /wp-content/uploads/bp-better-messages directory. This vulnerability poses a significant risk, as it allows unauthorized users to extract sensitive data. Upgrading to the latest version of the plugin or implementing appropriate security measures is highly recommended to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners

CVE-2024-13611

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations