Platform
wordpress
Component
classic-addons-wpbakery-page-builder-addons
Fixed in
3.0.1
CVE-2024-11952 describes a Limited Local PHP File Inclusion (LFI) vulnerability affecting the Classic Addons – WPBakery Page Builder plugin for WordPress. This vulnerability allows authenticated users with Contributor-level access or higher to include and execute arbitrary files on the server. The vulnerability impacts versions of the plugin up to and including 3.0. A fix is available in a patched version of the plugin.
An attacker exploiting this vulnerability could achieve remote code execution on the WordPress server. By leveraging the 'style' parameter, an authenticated contributor can include and execute arbitrary PHP code. This could lead to the theft of sensitive data, modification of website content, or even complete server compromise. The ability to upload images or other file types that can be included amplifies the attack surface, allowing attackers to inject malicious PHP code into seemingly harmless files. This vulnerability shares similarities with other LFI exploits where file inclusion is used to bypass access controls and execute arbitrary code.
CVE-2024-11952 was publicly disclosed on December 4, 2024. There is currently no indication of active exploitation in the wild, but the availability of a public proof-of-concept could change this. The vulnerability's reliance on authenticated access limits its immediate exploitability, but the potential for code execution warrants prompt remediation. It is not currently listed on the CISA KEV catalog.
WordPress websites utilizing the Classic Addons – WPBakery Page Builder plugin, particularly those with multiple users granted Contributor-level access or higher, are at risk. Shared hosting environments where users have limited control over plugin updates and configurations are also particularly vulnerable. Sites with legacy configurations or outdated security practices are more susceptible to exploitation.
• wordpress: Use wp-cli to check the installed plugin version:
wp plugin list | grep 'Classic Addons'
• wordpress: Search plugin files for the vulnerable 'style' parameter usage. Look for patterns like include($_GET['style']); or similar.
• generic web: Monitor web server access logs for requests containing suspicious file paths in the 'style' parameter, such as /../../../../etc/passwd.
• generic web: Check WordPress error logs for PHP inclusion errors related to the 'style' parameter.
disclosure
Exploit status
EPSS
0.12% (30th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-11952 is to immediately update the Classic Addons – WPBakery Page Builder plugin to a version that addresses the vulnerability. If an immediate upgrade is not feasible due to compatibility issues or breaking changes, consider restricting file upload permissions for users with Contributor access. Implement strict input validation on the 'style' parameter to prevent malicious file paths. Web Application Firewalls (WAFs) configured to detect and block attempts to include arbitrary files can provide an additional layer of defense. Monitor WordPress access logs for suspicious file inclusion attempts.
Update the Classic Addons – WPBakery Page Builder plugin to the latest available version. This fixes the local PHP file inclusion vulnerability.
CVE-2024-11952 is a Limited Local PHP File Inclusion vulnerability in the Classic Addons plugin for WordPress, allowing authenticated users to execute arbitrary PHP code.
You are affected if you are using Classic Addons – WPBakery Page Builder version 3.0 or earlier.
Upgrade the Classic Addons – WPBakery Page Builder plugin to the latest patched version.
While no widespread exploitation has been confirmed, the vulnerability's ease of exploitation makes it a potential target.
Refer to the official Classic Addons website or the WPBakery Page Builder security advisory for updates and details.