Platform
wordpress
Component
bit-form
Fixed in
2.13.5
CVE-2024-7782 describes an arbitrary file access vulnerability discovered in the Contact Form by Bit Form WordPress plugin suite, including Multi Step Form, Calculation Contact Form, Payment Contact Form, and Custom Contact Form builder. This vulnerability allows authenticated administrators to delete arbitrary files on the server, potentially leading to remote code execution. The vulnerability affects versions 2.0 through 2.13.4, and a patch is available.
The primary impact of CVE-2024-7782 is the potential for remote code execution (RCE). An attacker with administrator privileges can exploit this vulnerability to delete critical files, such as wp-config.php, which contains sensitive database credentials and configuration settings. Deletion of wp-config.php effectively compromises the entire WordPress installation, allowing the attacker to gain complete control over the server. Furthermore, deletion of other system files could lead to denial of service or further compromise. This vulnerability shares similarities with other file deletion vulnerabilities where improper input validation allows attackers to manipulate file paths.
CVE-2024-7782 was publicly disclosed on August 20, 2024. Currently, there are no known public exploits or active campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog at the time of this writing. The relatively recent disclosure suggests that exploitation may be in its early stages, but the potential for RCE warrants immediate attention.
WordPress websites utilizing the Contact Form by Bit Form plugin suite, particularly those with administrator accounts that have not been secured with strong passwords and multi-factor authentication, are at risk. Shared hosting environments where WordPress installations share file system permissions are also at higher risk, as a compromise of one site could potentially lead to the compromise of others.
• wordpress / composer / npm: `grep -r 'iconRemove' /var/www/html/wp-content/plugins/contact-form-by-bit-form/`
• wordpress / composer / npm: `wp plugin list --status=all | grep 'contact-form-by-bit-form'`
• wordpress / composer / npm: `wp plugin update contact-form-by-bit-form`
• generic web: Check the WordPress plugin directory for updates and security advisories related to Contact Form by Bit Form.
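As an added example (not part of the original advisory), the following POSIX shell check reads a plugin's `Version:` header and reports whether the installed version lies in the affected range 2.0 through 2.13.4; the header file used here is a constructed sample, and no assumption is made about the plugin's real main file name.

```shell
#!/bin/sh
# Added example for CVE-2024-7782: is the installed Contact Form by Bit Form
# version inside the affected range [2.0, 2.13.5)? Fixed in 2.13.5 per the advisory.
FIRST_AFFECTED="2.0"
FIXED_VERSION="2.13.5"

# ver_ge A B -> exit 0 if dotted version A >= B (numeric, component by component)
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            ai = (i <= na) ? x[i] + 0 : 0
            bi = (i <= nb) ? y[i] + 0 : 0
            if (ai > bi) exit 0
            if (ai < bi) exit 1
        }
        exit 0
    }'
}

# bitform_affected VERSION -> exit 0 if VERSION is affected by CVE-2024-7782
bitform_affected() {
    ver_ge "$1" "$FIRST_AFFECTED" && ! ver_ge "$1" "$FIXED_VERSION"
}

# plugin_header_version FILE -> prints the value of the WordPress "Version:" header
plugin_header_version() {
    sed -n -E 's/^[[:space:]]*\*?[[:space:]]*Version:[[:space:]]*([0-9.]+).*/\1/p' "$1" | head -n1
}

# demo_check -> writes a constructed plugin header to a temp file and evaluates it
demo_check() {
    tmp="$(mktemp)"
    printf '%s\n' '<?php' '/**' ' * Plugin Name: Contact Form by Bit Form (constructed sample)' \
        ' * Version: 2.13.4' ' */' > "$tmp"
    v="$(plugin_header_version "$tmp")"
    rm -f "$tmp"
    if bitform_affected "$v"; then
        echo "installed $v: affected by CVE-2024-7782, update to $FIXED_VERSION or later"
        return 0
    fi
    echo "installed $v: not in the affected range"
    return 1
}

demo_check
```

Point `plugin_header_version` at the installed plugin's main PHP file to check a real site; the version comparison is numeric per component, so 2.9 correctly sorts below 2.13.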
disclosure
Exploit status
EPSS
10.11% (93rd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-7782 is to upgrade the Contact Form by Bit Form plugin to a version that includes the security fix. If immediate upgrading is not possible due to compatibility issues or breaking changes, consider restricting file upload permissions for the WordPress user account associated with the plugin. While not a complete solution, this can limit the attacker's ability to exploit the vulnerability. Implement a Web Application Firewall (WAF) with rules to block suspicious file deletion requests targeting the plugin’s endpoints. Regularly review WordPress user permissions and ensure the principle of least privilege is enforced.
Update the Contact Form by Bit Form plugin to the latest available version. This fixes the arbitrary file deletion vulnerability.
CVE-2024-7782 is a vulnerability in the Contact Form by Bit Form WordPress plugin suite allowing authenticated admins to delete arbitrary files, potentially leading to RCE.
You are affected if your WordPress site uses the Contact Form by Bit Form plugin versions 2.0 through 2.13.4.
Upgrade the Contact Form by Bit Form plugin to a patched version. Check the plugin developer's website for the latest version.
As of now, there is no confirmed active exploitation, but the vulnerability's nature suggests potential for future exploitation.
Check the Contact Form by Bit Form plugin page on the WordPress plugin directory or the developer's website for security advisories.