Platform
wordpress
Component
maxi-blocks
Fixed in
1.9.3
CVE-2024-6885 describes an arbitrary file deletion vulnerability affecting the MaxiBlocks WordPress plugin. This flaw allows authenticated attackers with Subscriber-level access or higher to delete arbitrary files on the server. Successful exploitation could lead to remote code execution, particularly if critical files like wp-config.php are targeted. The vulnerability impacts versions of the plugin up to and including 1.9.2.
The primary impact of CVE-2024-6885 is arbitrary file deletion by a low-privileged user, with remote code execution as the realistic follow-on. The most damaging target is wp-config.php, which holds the database credentials, salts and site configuration. Deleting it does not merely take the site down: a WordPress install without a wp-config.php presents the installation wizard to the next visitor, so the attacker can complete the setup against a database they control, obtain an administrator account on the reinstalled site, and then upload a plugin or theme containing PHP, which is code execution on the server. Deleting other files writable by the PHP process, such as theme or plugin files, produces a denial of service. The underlying weakness is the one shared by this class of file deletion bugs: a user-controlled path reaches the deletion routine without being confined to an allowed directory and without an authorization check commensurate with a destructive operation.
CVE-2024-6885 was publicly disclosed on July 23, 2024. The EPSS score listed on this page, 7.87% at the 92nd percentile, ranks its 30-day exploitation probability above that of roughly nine out of ten published CVEs, which fits the profile of the flaw: the only precondition is a Subscriber account, which any site with open registration hands out for free. Public proof-of-concept code may appear once the fix in 1.9.3 is diffed; do not wait for it. Monitor security advisories and threat intelligence feeds for indications of active exploitation targeting this vulnerability.
WordPress sites running MaxiBlocks 1.9.2 or earlier are at risk, and the risk is highest where a Subscriber account is easy to obtain, that is, sites with open user registration (Settings > General > Membership). Access to the plugin's settings pages is not required; the attacker only needs an authenticated session at Subscriber level or above. Typical shared hosting makes exploitation more damaging, because the PHP worker owns the entire WordPress tree, wp-config.php included, so nothing at the file-system level stands in the way of the deletion. Sites on outdated plugin versions are at the highest risk.
Check and update commands (WordPress, via WP-CLI; the plugin slug is maxi-blocks):
• wp plugin list | grep maxi-blocks
• wp plugin update maxi-blocks
• grep -r 'maxi_remove_custom_image_size' /var/www/html/wp-content/plugins/maxi-blocks/
• grep -r 'maxi_add_custom_image_size' /var/www/html/wp-content/plugins/maxi-blocks/
Disclosure: July 23, 2024
Exploit status: no active exploitation confirmed
EPSS: 7.87% (92nd percentile)
CISA SSVC:
CVSS vector:
The fix for CVE-2024-6885 is to upgrade MaxiBlocks to 1.9.3 or later, where the vulnerability has been addressed. If an immediate upgrade is blocked by compatibility concerns, reduce the blast radius first, with one caveat in mind: unlink() needs write permission on the containing directory, not on the file, so setting wp-config.php to 0440 by itself does not stop deletion. Either the directory holding wp-config.php must not be writable by the PHP worker, or move wp-config.php one level above the document root, a location WordPress checks automatically. Put a Web Application Firewall in front of the site with rules that block file-deletion requests to the plugin's endpoints from non-administrator sessions, and disable open registration if the site does not need it. Monitor web-server and WordPress logs for deletion requests from low-privileged accounts and alert if wp-config.php goes missing. After upgrading, verify the installed version (wp plugin get maxi-blocks --field=version should report 1.9.3 or higher) rather than testing deletion by hand against production.
Update the MaxiBlocks plugin to the latest available version. The vulnerability that allows arbitrary file deletion has been fixed in versions after 1.9.2. This prevents authenticated users with Subscriber privileges or higher from exploiting it.
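An audit script for the two checks above, as an added example (not tooling from the plugin, from WordPress or from this site): it reads the installed plugin version from the plugin header and compares it with the fixed version, and it reports whether the directory holding wp-config.php is writable by the current user, since that, not the file mode, is what decides whether unlink() succeeds. The plugin's main-file name is not stated on this page, so every top-level .php file in the plugin directory is scanned, as WordPress itself does; the fixture tree, header text and file name plugin.php are constructed.

```python
"""Audit a WordPress tree for CVE-2024-6885 exposure.

Added example; not code from MaxiBlocks or WordPress. Run against a real
install with: audit("/var/www/html").
"""
import os
import re
import tempfile
from typing import Optional, Tuple

FIXED_VERSION = (1, 9, 3)        # "Fixed in 1.9.3", per the advisory
PLUGIN_SLUG = "maxi-blocks"
# Same shape as the header regex WordPress uses: optional comment
# decoration, the field name, a colon, then the value.
_HEADER_RE = re.compile(r"^[ \t/*#@]*Version:\s*(\S+)",
                        re.MULTILINE | re.IGNORECASE)


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Extract a numeric version tuple from plugin header text."""
    match = _HEADER_RE.search(text)
    if not match:
        return None
    parts = []
    for piece in match.group(1).split("."):
        digits = re.match(r"\d+", piece)
        if not digits:
            break                 # stop at a suffix such as "-rc1"
        parts.append(int(digits.group()))
    return tuple(parts) or None


def installed_plugin_version(wp_root: str) -> Optional[Tuple[int, ...]]:
    """Find the plugin header in any top-level .php file of the plugin."""
    plugin_dir = os.path.join(wp_root, "wp-content", "plugins", PLUGIN_SLUG)
    if not os.path.isdir(plugin_dir):
        return None
    for name in sorted(os.listdir(plugin_dir)):
        if not name.endswith(".php"):
            continue
        with open(os.path.join(plugin_dir, name),
                  encoding="utf-8", errors="replace") as fh:
            header = fh.read(8192)   # WordPress reads the first 8 KiB too
        version = parse_version(header)
        if version:
            return version
    return None


def audit(wp_root: str) -> dict:
    """Report plugin exposure and whether wp-config.php is deletable."""
    version = installed_plugin_version(wp_root)
    config = os.path.join(wp_root, "wp-config.php")
    if not os.path.exists(config):
        # WordPress also honours wp-config.php one level above the root.
        alt = os.path.join(os.path.dirname(wp_root.rstrip(os.sep)),
                           "wp-config.php")
        config = alt if os.path.exists(alt) else config
    return {
        "plugin_installed": version is not None,
        "plugin_version": ".".join(map(str, version)) if version else None,
        "plugin_vulnerable": version is not None and version < FIXED_VERSION,
        "wp_config_path": config,
        "wp_config_present": os.path.exists(config),
        # Deleting wp-config.php needs write permission on its directory,
        # so a 0440 file inside a PHP-writable directory is still deletable.
        "wp_config_dir_writable": os.access(os.path.dirname(config), os.W_OK),
    }


def build_fixture(version: str) -> str:
    """Constructed WordPress-like tree with the plugin at `version`."""
    root = tempfile.mkdtemp(prefix="wp-audit-")
    plugin_dir = os.path.join(root, "wp-content", "plugins", PLUGIN_SLUG)
    os.makedirs(plugin_dir)
    # Header layout follows the WordPress plugin header convention; the
    # file name plugin.php is a placeholder, not the plugin's real main file.
    with open(os.path.join(plugin_dir, "plugin.php"), "w") as fh:
        fh.write("<?php\n/**\n * Plugin Name: MaxiBlocks\n"
                 f" * Version: {version}\n */\n")
    with open(os.path.join(root, "wp-config.php"), "w") as fh:
        fh.write("<?php define('DB_NAME', 'demo');\n")
    return root


if __name__ == "__main__":
    for fixture_version in ("1.9.2", "1.9.3"):
        print(fixture_version, audit(build_fixture(fixture_version)))
```

On a real host run it as the same user the PHP worker runs as (php-fpm pool user or the web server user), otherwise the writability result reflects your shell account rather than the process an attacker would be driving.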
CVE-2024-6885 is a vulnerability allowing authenticated attackers to delete arbitrary files on a WordPress server through the MaxiBlocks plugin, potentially leading to remote code execution.
You are affected if you are using the MaxiBlocks plugin in versions 1.9.2 or earlier. Check your plugin version and upgrade immediately.
Upgrade the MaxiBlocks plugin to 1.9.3 or later. As temporary mitigations, add WAF rules for the plugin's deletion requests and make sure the directory containing wp-config.php is not writable by the PHP process.
While no active exploitation has been confirmed, the vulnerability's ease of exploitation suggests a potential for active campaigns. Monitor your systems closely.
Refer to the official MaxiBlocks plugin website or WordPress plugin repository for the latest security advisories and updates related to CVE-2024-6885.