CVE-2024-8856
Backup and Staging by WP Time Capsule <= 1.22.21 - Unauthenticated Arbitrary File Upload
Description
The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticated attackers to upload arbitrary files to the affected site's server, which may make remote code execution possible.
INFO
Published Date: Nov. 16, 2024, 5:15 a.m.
Last Modified: July 9, 2025, 6:51 p.m.
Remotely Exploitable: Yes
Source: [email protected]
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| 9.8 | CVSS 3.1 | CRITICAL | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | [email protected] |
Public PoC/Exploit Available at GitHub
CVE-2024-8856 has 2 public PoCs/exploits available on GitHub; they are listed in the public exploits section below.
References to Advisories, Solutions, and Tools
The following external links provide in-depth information, practical solutions, and tools related to CVE-2024-8856:
- https://hacked.be/posts/CVE-2024-8856 (Product)
- https://plugins.trac.wordpress.org/browser/wp-time-capsule/trunk/wp-tcapsule-bridge/upload/php/UploadHandler.php (Product)
- https://plugins.trac.wordpress.org/changeset/3188325/ (Patch)
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3153289%40wp-time-capsule&new=3153289%40wp-time-capsule&sfp_email=&sfph_mail= (Patch)
- https://www.wordfence.com/threat-intel/vulnerabilities/id/fdc2de78-5601-461f-b2f0-c80b592ccb1b?source=cve (Third Party Advisory)
CWE - Common Weakness Enumeration
While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-8856 is associated with the following CWE:
- CWE-434: Unrestricted Upload of File with Dangerous Type
We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proof-of-concepts that have been published on GitHub (sorted by most recently updated).
- This tool scans WordPress websites for vulnerabilities in the WP Time Capsule plugin related to CVE-2024-8856. It identifies plugin versions below 1.22.22 as vulnerable and logs results to vuln.txt. Simple and efficient, it helps security researchers and admins detect and address risks quickly. (Language: Python. Topics: cve-scanner, security-tools, vulnerability, wordpress, wordpress-security, cve-2024-8856, plugin-vulnerability, wordpress-plugin-scanner, wp-time-capsule)
- WordPress WP Time Capsule Plugin Arbitrary File Upload Vulnerability
The following list contains news articles that mention the CVE-2024-8856 vulnerability anywhere in the article.
- Daily CyberSecurity: CVE-2025-55205: Critical Flaw in Capsule Kubernetes Exposes Clusters to Cross-Tenant Attacks. A newly disclosed vulnerability in the Capsule Kubernetes multi-tenancy framework exposes organizations to privilege escalation and cross-tenant attacks. Tracked as CVE-2025-55205 with a CVSS score of ...
- Cybersecurity News: CVE-2024-12209 (CVSS 9.8): WP Umbrella Plugin Vulnerability Exposes 30,000 Websites to Compromise. A critical security vulnerability has been discovered in the popular WordPress plugin, WP Umbrella, which is used by over 30,000 websites. The flaw, identified as CVE-2024-12209 and assigned a CVSS sc ...
- Cybersecurity News: Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code (CVE-2024-5921). Palo Alto Networks has issued a security advisory warning of a vulnerability in its GlobalProtect app that could allow attackers to install malicious software on endpoints. The vulnerability, identifie ...
- Cybersecurity News: CISA Sounds the Alarm on Actively Exploited Apple and Oracle Zero-Days. The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting Apple and Oracle products. These flaws, added to CISA’ ...
- Cybersecurity News: CVE-2024-52940: AnyDesk Vulnerability Exposes User IP Addresses, PoC Published. A newly discovered vulnerability in popular remote desktop software AnyDesk could allow attackers to uncover users’ IP addresses, posing significant privacy risks. Security resea ...
- Cybersecurity News: FrostyGoop: New ICS Malware Exploits Modbus TCP Protocol. Recently, Palo Alto Networks has released an in-depth analysis of FrostyGoop, also known as BUSTLEBERM, a sophisticated malware targeting operational technology (OT). This malware gained attention in ...
- Cybersecurity News: CVE-2024-51503: Trend Micro Deep Security Agent RCE Vulnerability Fixed. A recently discovered vulnerability in the Trend Micro Deep Security 20 Agent could have allowed attackers to execute arbitrary code on affected machines. The vulnerability, identified as CVE-2024-515 ...
- Cybersecurity News: Analysis & PoC Exploits Released for Palo Alto Zero-Days – CVE-2024-0012 and CVE-2024-9474. In a recent analysis, security researcher Sonny from watchTowr unveiled the technical intricacies of two zero-day vulnerabilities affecting Palo Alto Networks’ Next-Generation Firewall ...
- Cybersecurity News: CVE-2024-0012 and CVE-2024-9474: Actively Exploited Vulnerabilities Impact Palo Alto Networks PAN-OS. Palo Alto Networks has issued critical advisories regarding two actively exploited vulnerabilities in their PAN-OS software, posing significant risks to organizations relying on the platform for netwo ...
- Cybersecurity News: CVE-2024-8856: WP Time Capsule Plugin Vulnerability Exposes 20,000+ Sites to TakeOver. A high-severity vulnerability in WP Time Capsule, a popular WordPress backup plugin, has left over 20,000 websites vulnerable to complete takeover. Discovered by security researcher Rein Daelman, the f ...
The following list shows the changes that have been made to the CVE-2024-8856 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- Initial Analysis by [email protected], Jul. 09, 2025
  - Added CPE Configuration: OR *cpe:2.3:a:revmakx:backup_and_staging_by_wp_time_capsule:*:*:*:*:*:wordpress:*:* versions up to (excluding) 1.22.22
  - Added Reference Type (Wordfence): https://hacked.be/posts/CVE-2024-8856 Types: Product
  - Added Reference Type (Wordfence): https://plugins.trac.wordpress.org/browser/wp-time-capsule/trunk/wp-tcapsule-bridge/upload/php/UploadHandler.php Types: Product
  - Added Reference Type (Wordfence): https://plugins.trac.wordpress.org/changeset/3188325/ Types: Patch
  - Added Reference Type (Wordfence): https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3153289%40wp-time-capsule&new=3153289%40wp-time-capsule&sfp_email=&sfph_mail= Types: Patch
  - Added Reference Type (Wordfence): https://www.wordfence.com/threat-intel/vulnerabilities/id/fdc2de78-5601-461f-b2f0-c80b592ccb1b?source=cve Types: Third Party Advisory
- CVE Modified by [email protected], Nov. 21, 2024
  - Added Reference: https://hacked.be/posts/CVE-2024-8856
- CVE Received by [email protected], Nov. 16, 2024
  - Added Description: The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
  - Added Reference (Wordfence): https://www.wordfence.com/threat-intel/vulnerabilities/id/fdc2de78-5601-461f-b2f0-c80b592ccb1b?source=cve [No types assigned]
  - Added Reference (Wordfence): https://plugins.trac.wordpress.org/browser/wp-time-capsule/trunk/wp-tcapsule-bridge/upload/php/UploadHandler.php [No types assigned]
  - Added Reference (Wordfence): https://plugins.trac.wordpress.org/changeset/3188325/ [No types assigned]
  - Added Reference (Wordfence): https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3153289%40wp-time-capsule&new=3153289%40wp-time-capsule&sfp_email=&sfph_mail= [No types assigned]
  - Added CWE (Wordfence): CWE-434
  - Added CVSS V3.1 (Wordfence): AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H