Platform
wordpress
Component
jetgridbuilder
Fixed in
1.1.3
CVE-2024-43221 is a Path Traversal vulnerability in the Crocoblock JetGridBuilder plugin for WordPress that allows PHP Local File Inclusion (LFI): an attacker can make the plugin include files from the server's filesystem that it was never meant to load, leading to sensitive data exposure or, under the right conditions, remote code execution. All versions of JetGridBuilder prior to 1.1.3 are affected, and version 1.1.3 contains the fix.
The core impact of CVE-2024-43221 is the LFI primitive. A request carrying a traversal sequence in the affected parameter causes PHP to include a file chosen by the attacker. At minimum this allows reading files the web server user can access, such as wp-config.php (which holds the database credentials) and plugin or theme source code. If the attacker can also place content on the disk (an uploaded file, a poisoned log, or a PHP session file) or reach it through a PHP stream wrapper, the same include executes that content as PHP, giving control of the WordPress instance. The blast radius therefore covers every file readable by the PHP process, the database it can reach with the recovered credentials, and any further systems the compromised host is trusted to reach.
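The page does not name the affected parameter or the plugin's file-handling code, so the following is an added illustration (not JetGridBuilder's own code) of the generic pattern behind a PHP-style LFI bug and the containment check that prevents it. The directory layout and file names it creates under a temporary directory are constructed for the demo, and the "template" concept is an assumption used only to make the example concrete.

```python
"""Illustrative path-traversal check (added example, not JetGridBuilder code).

naive_resolve() shows the bug class: user input is joined onto a base
directory and trusted. safe_resolve() shows the fix: resolve symlinks and
'..' first, then require the result to remain strictly inside the base
directory and to look like a file the feature is meant to load.
"""
import os
import tempfile
from typing import Optional


def naive_resolve(base_dir: str, requested: str) -> str:
    """Unsafe: '../' in `requested` walks out of base_dir unchecked."""
    return os.path.join(base_dir, requested)


def safe_resolve(base_dir: str, requested: str,
                 allowed_ext=(".php",)) -> Optional[str]:
    """Return a real path inside base_dir, or None if the request escapes it.

    Rejected: NUL bytes (classic extension-truncation trick), absolute paths,
    any path that resolves (after symlink expansion) outside base_dir, and
    anything without an expected extension or that is not a regular file.
    """
    if "\x00" in requested or os.path.isabs(requested):
        return None
    base_real = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base_real, requested))
    # commonpath, not startswith: '/a/b' must not accept '/a/bc/x'.
    if os.path.commonpath([base_real, candidate]) != base_real:
        return None
    if not candidate.endswith(allowed_ext):
        return None
    return candidate if os.path.isfile(candidate) else None


def demo() -> dict:
    """Build a throwaway layout (constructed, not real site data) and compare."""
    root = os.path.realpath(tempfile.mkdtemp())
    templates = os.path.join(root, "plugin", "templates")
    os.makedirs(templates)
    with open(os.path.join(templates, "grid.php"), "w") as fh:
        fh.write("<?php /* legitimate template */ ?>")
    secret = os.path.join(root, "wp-config.php")
    with open(secret, "w") as fh:
        fh.write("<?php define('DB_PASSWORD', 'constructed'); ?>")

    # Attacker-style input: climb two levels to reach wp-config.php.
    evil = "../../wp-config.php"
    return {
        "naive_hits_secret": os.path.realpath(naive_resolve(templates, evil)) == secret,
        "safe_blocks_secret": safe_resolve(templates, evil) is None,
        "safe_allows_legit": safe_resolve(templates, "grid.php") is not None,
        "safe_blocks_abs": safe_resolve(templates, secret) is None,
        "safe_blocks_nul": safe_resolve(templates, "grid.php\x00.txt") is None,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The containment check is deliberately done on the resolved path rather than on the raw string: stripping `../` from input is bypassable (`....//`, encoded variants, symlinks), whereas comparing `realpath()` output against the real base directory is not.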
CVE-2024-43221 was publicly disclosed on August 19, 2024. No public proof-of-concept (PoC) has been widely reported, but path traversal leading to LFI is a well-understood bug class, and generic LFI tooling and wordlists lower the bar for exploitation once the affected parameter is known. The vulnerability is not currently listed in the CISA KEV catalog; its HIGH severity still warrants close monitoring, and mass scanning of WordPress plugins for exactly this kind of flaw is routine.
WordPress sites running the Crocoblock JetGridBuilder plugin in any version prior to 1.1.3 are at risk. Shared hosting environments deserve particular attention: if several sites run under the same PHP user, a file read or code execution in one site can expose the configuration files and credentials of the others.
• wordpress / composer / npm:
grep -ih "Version:" /var/www/html/wp-content/plugins/jetgridbuilder/*.php   # plugin header; affected if the version is below 1.1.3
wp plugin get jetgridbuilder --field=version   # WP-CLI; the slug is assumed to equal the plugin directory name
• generic web:
curl -s 'https://your-wordpress-site.com/wp-content/plugins/jetgridbuilder/readme.txt' | grep -i 'stable tag'   # public readme leaks the installed version; affected if below 1.1.3
Note that requesting a URL with a bare `../` in its path (for example `.../jetgridbuilder/../../../../etc/passwd`) proves nothing: the web server normalizes the dot segments before PHP ever runs, so the traversal has to be delivered through the plugin's affected parameter, which this page does not identify. Rely on the version checks above.
Exploit status
EPSS
0.70% (72nd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-43221 is to upgrade JetGridBuilder to version 1.1.3 or later immediately. Until that is possible, reduce what a successful include can reach: run PHP as a dedicated unprivileged user, make wp-config.php readable only by that user, and disable the plugin if it is not essential. Add a Web Application Firewall (WAF) rule that blocks path-traversal patterns (`../`, `..\`, and their URL-encoded and double-encoded forms) and PHP stream wrappers such as `php://` in request parameters; the rule must match after decoding, or encoded variants slip through. Monitor access logs and PHP error logs for requests containing those patterns, for unexpected 500 errors from plugin endpoints, and for successful (200) responses to requests naming files like wp-config.php or /etc/passwd. A Content Security Policy does not help here: it constrains what the browser loads, while this flaw is exploited entirely on the server.
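As an added example of the log monitoring recommended above (this is not code from the advisory or from Crocoblock), the script below scans Apache combined-format access log lines for traversal sequences, NUL bytes, PHP stream wrappers, and sensitive file names, decoding percent-encoding repeatedly so that double-encoded probes are caught. The log lines are constructed for the demo; the endpoint and parameter names in them are invented and do not describe the real attack surface of JetGridBuilder.

```python
"""Flag path-traversal / LFI probes in web-server access logs.

Added example, not from the advisory. SAMPLE_LOG is constructed; the
query parameters in it are placeholders, not JetGridBuilder's real ones.
"""
import re
from urllib.parse import unquote

# Constructed Apache combined-format lines, not real traffic.
SAMPLE_LOG = r"""
203.0.113.5 - - [19/Aug/2024:10:01:02 +0000] "GET /wp-content/plugins/jetgridbuilder/assets/js/grid.js HTTP/1.1" 200 4231 "-" "Mozilla/5.0"
203.0.113.9 - - [19/Aug/2024:10:01:07 +0000] "GET /wp-admin/admin-ajax.php?action=demo_action&template=../../../../wp-config.php HTTP/1.1" 200 812 "-" "curl/8.4.0"
203.0.113.9 - - [19/Aug/2024:10:01:09 +0000] "GET /wp-admin/admin-ajax.php?action=demo_action&template=..%252f..%252fetc%252fpasswd HTTP/1.1" 500 0 "-" "curl/8.4.0"
198.51.100.7 - - [19/Aug/2024:10:02:00 +0000] "GET /?p=123 HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
203.0.113.9 - - [19/Aug/2024:10:02:15 +0000] "GET /index.php?file=php://filter/convert.base64-encode/resource=wp-config.php HTTP/1.1" 200 1200 "-" "python-requests/2.31"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
TRAVERSAL = re.compile(r"\.\.[/\\]")
WRAPPERS = re.compile(r"\b(?:php|phar|data|expect|zip|file)://", re.I)
SENSITIVE = re.compile(r"(?:/etc/passwd|/etc/shadow|wp-config\.php|/proc/self/)", re.I)


def normalize(target: str) -> str:
    """Percent-decode until stable (defeats double encoding), unify slashes."""
    decoded = target
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")


def classify_request(target: str) -> list:
    """Return the list of reasons a request target looks like an LFI probe."""
    t = normalize(target)
    reasons = []
    if TRAVERSAL.search(t):
        reasons.append("dot-dot traversal")
    if "\x00" in t:
        reasons.append("NUL byte")
    if WRAPPERS.search(t):
        reasons.append("PHP stream wrapper")
    if SENSITIVE.search(t):
        reasons.append("sensitive file name")
    return reasons


def scan_log(text: str) -> list:
    """Parse combined-format lines and return dicts for suspicious requests."""
    hits = []
    for lineno, line in enumerate(text.strip().splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than crash on them
        reasons = classify_request(m["target"])
        if reasons:
            hits.append({
                "line": lineno,
                "ip": m["ip"],
                "status": int(m["status"]),
                "target": m["target"],
                "reasons": reasons,
            })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"line {hit['line']} {hit['ip']} HTTP {hit['status']}: "
              f"{', '.join(hit['reasons'])} -> {hit['target']}")
```

A hit with status 200 and a non-trivial response size on a request naming wp-config.php or /etc/passwd is the one to escalate first; a 500 on the same pattern usually means the probe failed but the attacker is enumerating. The same decoding rule applies to any WAF signature you deploy.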
Update the JetGridBuilder plugin to the latest available version. The local file inclusion (LFI) vulnerability is fixed in versions after 1.1.2. If no fixed version is available to you, consider disabling the plugin until an update is released.
CVE-2024-43221 is a Path Traversal vulnerability in Crocoblock JetGridBuilder allowing attackers to include arbitrary files on the server, potentially leading to sensitive data exposure or remote code execution.
You are affected if you are using Crocoblock JetGridBuilder version 1.1.2 or earlier. Upgrade to version 1.1.3 to resolve the vulnerability.
Upgrade JetGridBuilder to version 1.1.3 or later. If upgrading is not possible, implement temporary workarounds like WAF rules and restricted file permissions.
As of August 19, 2024, there is no confirmed active exploitation in the wild, but the vulnerability is likely to be exploited once a public proof-of-concept is released.
Refer to the Crocoblock website and WordPress plugin repository for the latest advisory and update information regarding CVE-2024-43221.