Platform
wordpress
Component
wp-hide-security-enhancer
Fixed in
2.5.2
CVE-2024-11585 describes an arbitrary file access vulnerability affecting the WP Hide & Security Enhancer plugin for WordPress. This flaw allows unauthenticated attackers to delete arbitrary files on the server, leading to potential site breakage or data loss. The vulnerability impacts versions of the plugin up to and including 2.5.1. A fix is available in a later version of the plugin.
The impact of CVE-2024-11585 is severe due to its ease of exploitation and potential for widespread damage. An attacker can leverage this vulnerability to delete critical configuration files, core WordPress files, or even application data, effectively rendering the website unusable. The lack of authentication required for exploitation significantly broadens the attack surface, making it accessible to a wide range of malicious actors. Successful exploitation could lead to complete site compromise, data exfiltration, or denial of service. This vulnerability shares similarities with other file access vulnerabilities where insufficient validation allows attackers to manipulate file paths.
CVE-2024-11585 was publicly disclosed on December 6, 2024. No public proof-of-concept (PoC) code has been widely reported at the time of writing, but the vulnerability's simplicity suggests that a PoC is likely to emerge. The vulnerability is not currently listed on the CISA KEV catalog. Active exploitation campaigns are not confirmed, but the ease of exploitation warrants heightened vigilance.
Websites using the WP Hide & Security Enhancer plugin, particularly those running older versions (≤2.5.1), are at risk. Shared hosting environments are especially exposed, as they often offer limited control over file permissions, which makes the consequences of a successful file deletion harder to contain.
• wordpress / composer / npm:
grep -r 'file_process.php' /var/www/html/wp-content/plugins/
• wordpress / composer / npm:
wp plugin list | grep "WP Hide & Security Enhancer"
• wordpress / composer / npm:
curl -I 'http://your-wordpress-site.com/wp-content/plugins/wp-hide-security-enhancer/file-process.php?file=../../../../etc/passwd'
Disclosure
Exploit status
EPSS
2.01% (84th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-11585 is to immediately upgrade the WP Hide & Security Enhancer plugin to a patched version. If upgrading is not immediately feasible due to compatibility concerns or breaking changes, consider temporarily restricting file access permissions on the server to limit the potential damage. While not a complete solution, implementing a Web Application Firewall (WAF) with rules to block suspicious file access attempts can provide an additional layer of defense. Monitor WordPress logs for unusual file deletion activity. After upgrading, verify the integrity of critical files and directories using a file integrity monitoring tool.
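As an added example (not part of this advisory or of the plugin's own code), a defender-side Python check that covers two of the steps above: flagging an installed copy of the plugin below the fixed release, and scanning web-server access logs for traversal attempts aimed at the plugin directory. The plugin slug and the `file-process.php` path come from the detection commands on this page; the plugin header and log lines are constructed sample data.

```python
import re
from urllib.parse import urlsplit, unquote

PLUGIN_SLUG = "wp-hide-security-enhancer"
FIXED_VERSION = (2, 5, 2)  # "Fixed in" release named by the advisory

def parse_version(v: str) -> tuple:
    """Turn '2.5.1' into (2, 5, 1) so releases compare numerically, not as strings."""
    return tuple(int(p) for p in re.findall(r"\d+", v))

def is_vulnerable(plugin_header: str) -> bool:
    """Read the 'Version:' line of the plugin's main PHP file header; <= 2.5.1 is affected."""
    m = re.search(r"^\s*\*?\s*Version:\s*([\d.]+)", plugin_header, re.M)
    if not m:
        raise ValueError("no Version: header found")
    return parse_version(m.group(1)) < FIXED_VERSION

TRAVERSAL = re.compile(r"\.\./|\.\.\\|%2e%2e", re.I)
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_requests(log_lines):
    """Return (client_ip, request_target) for requests into the plugin directory
    whose query string carries a path-traversal sequence; the query is decoded
    twice so double-encoded '%252e%252e' is caught as well."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, target = m.groups()
        url = urlsplit(target)
        if f"/wp-content/plugins/{PLUGIN_SLUG}/" not in url.path:
            continue
        if TRAVERSAL.search(unquote(unquote(url.query))):
            hits.append((ip, target))
    return hits

# Constructed sample input (not taken from the advisory or from any real site).
SAMPLE_HEADER = "<?php\n/*\nPlugin Name: WP Hide & Security Enhancer\nVersion: 2.5.1\n*/\n"
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Dec/2024:10:01:02 +0000] "GET /wp-content/plugins/wp-hide-security-enhancer/file-process.php?file=../../../../etc/passwd HTTP/1.1" 200 512',
    '198.51.100.3 - - [06/Dec/2024:10:01:05 +0000] "GET /wp-content/plugins/wp-hide-security-enhancer/assets/admin.css HTTP/1.1" 200 2048',
    '203.0.113.7 - - [06/Dec/2024:10:02:11 +0000] "GET /wp-content/plugins/wp-hide-security-enhancer/file-process.php?file=%252e%252e%2fetc%2fpasswd HTTP/1.1" 200 64',
    '192.0.2.9 - - [06/Dec/2024:10:03:00 +0000] "GET /index.php?p=../../x HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    print("plugin vulnerable:", is_vulnerable(SAMPLE_HEADER))
    for ip, target in suspicious_requests(SAMPLE_LOG):
        print("suspicious request from", ip, "->", target)
```

Point `suspicious_requests` at your real access log (one line per entry) and feed `is_vulnerable` the contents of the plugin's main PHP file; only requests that both hit the plugin directory and carry a traversal sequence are reported, so ordinary asset loads stay quiet.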
Update the WP Hide & Security Enhancer plugin to the latest available version. The vulnerability that allows unauthenticated deletion of arbitrary file contents has been fixed in versions after 2.5.1.
CVE-2024-11585 is a vulnerability in the WP Hide & Security Enhancer plugin that allows unauthenticated attackers to delete arbitrary files on a WordPress server.
You are affected if you are using WP Hide & Security Enhancer version 2.5.1 or earlier. Check your plugin version and upgrade immediately.
Upgrade the WP Hide & Security Enhancer plugin to the latest available version. If upgrading is not immediately possible, restrict file access permissions and implement WAF rules.
There is currently no confirmed active exploitation, but the ease of exploitation suggests it could become a target.
Refer to the official WP Hide & Security Enhancer website and WordPress plugin repository for the latest advisory and update information.