Platform: wordpress
Component: woocommerce-support-ticket-system
Fixed in: 17.7.1
CVE-2024-10626 is an arbitrary file access vulnerability in the WooCommerce Support Ticket System plugin for WordPress. The flaw allows authenticated attackers, including users with only Subscriber-level access, to delete files on the server. The most severe outcome is the deletion of critical configuration files such as wp-config.php, which could lead to remote code execution. The vulnerability affects plugin versions up to and including 17.7.
The primary impact of CVE-2024-10626 is that an authenticated attacker can delete arbitrary files on the server. Although this is nominally limited to file deletion, the path to remote code execution is significant: deleting wp-config.php, for example, would effectively take the WordPress site offline and could allow an attacker to upload and execute malicious code during site recovery. Because only Subscriber-level access is required, the pool of accounts able to exploit the flaw is broad. The vulnerability resembles other file access vulnerabilities in which deleting critical configuration files can lead to complete system compromise.
CVE-2024-10626 was publicly disclosed on November 9, 2024. There is currently no indication of active exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. Given the ease of exploitation, public proof-of-concept (PoC) code is likely to emerge once a suitable target is identified.
Exploit Status
EPSS: 24.48% (96th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-10626 is to upgrade the WooCommerce Support Ticket System plugin to a version that addresses the vulnerability. As of this writing, a patched version is expected but not yet released. Until a patch is available, consider restricting file upload permissions for Subscriber-level users, and implement a Web Application Firewall (WAF) rule that blocks requests attempting to access or delete files outside the designated upload directories. Review file system permissions regularly to ensure they are as restrictive as possible. After upgrading, verify the fix by attempting, with a Subscriber-level account, to access and delete files outside the intended upload directories; the attempt should be refused.
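The WAF rule and the post-upgrade check above both come down to one question: does a user-supplied attachment path resolve to a location inside the designated uploads directory, and only there? The following is an added example, not code from the plugin or from this advisory, of a server-side containment check for ticket-attachment deletion. The directory layout, the `PROTECTED_NAMES` list and the `safe_delete_attachment` function are assumptions made for the example; the demo builds a throwaway WordPress-like tree in a temporary directory and runs a legitimate request, a `../` traversal, an absolute path and a symlink escape through the check.

```python
"""Added example (not the plugin's code): refuse attachment-deletion requests
that point outside the designated uploads directory."""
import os
import shutil
import tempfile
from pathlib import Path
from typing import Tuple

# Constructed list of files that must never be deletable through a ticket
# attachment endpoint, regardless of where they appear to live.
PROTECTED_NAMES = {"wp-config.php", ".htaccess"}


def is_within(base: Path, target: Path) -> bool:
    """True if target resolves (symlinks followed) to base or a descendant of it."""
    base_r = base.resolve()
    target_r = target.resolve()
    return base_r == target_r or base_r in target_r.parents


def validate_attachment_path(uploads_dir: str, requested: str) -> Tuple[bool, str]:
    """Decide whether the user-supplied `requested` path may be deleted.

    Returns (allowed, reason). Every rejection path is reached before any
    filesystem mutation, so a denied request has no side effects.
    """
    if not requested or "\x00" in requested:
        return False, "empty or NUL-containing path"
    if os.path.isabs(requested):
        return False, "absolute path rejected"
    base = Path(uploads_dir)
    candidate = base / requested
    if candidate.name in PROTECTED_NAMES:
        return False, "protected filename"
    if not is_within(base, candidate):
        return False, "path escapes uploads directory"
    if not candidate.is_file():
        return False, "not a regular file"
    return True, "ok"


def safe_delete_attachment(uploads_dir: str, requested: str) -> Tuple[bool, str]:
    """Delete the attachment only if validation passes; report the decision."""
    allowed, reason = validate_attachment_path(uploads_dir, requested)
    if allowed:
        (Path(uploads_dir) / requested).unlink()
    return allowed, reason


def demo() -> dict:
    """Exercise the check against a constructed site tree in a temp directory."""
    root = Path(tempfile.mkdtemp())
    try:
        uploads = root / "wp-content" / "uploads" / "tickets"
        uploads.mkdir(parents=True)
        (uploads / "attachment.png").write_bytes(b"\x89PNG")        # constructed
        (root / "wp-config.php").write_text("<?php // constructed\n")
        # A symlink planted inside uploads that points at the config file.
        os.symlink(root / "wp-config.php", uploads / "link.php")

        results = {
            "legit": safe_delete_attachment(str(uploads), "attachment.png")[0],
            "traversal": safe_delete_attachment(str(uploads), "../../../wp-config.php")[0],
            "absolute": safe_delete_attachment(str(uploads), str(root / "wp-config.php"))[0],
            "symlink": safe_delete_attachment(str(uploads), "link.php")[0],
            "config_still_present": (root / "wp-config.php").exists(),
            "attachment_removed": not (uploads / "attachment.png").exists(),
        }
        return results
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The order of checks matters: the containment test uses `Path.resolve()`, so a symlink or `..` segment is judged by where it lands rather than how it is spelled, and the protected-name check runs before any filesystem call so that a request for wp-config.php is refused even if the uploads directory were misconfigured to sit at the site root.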
Update the WooCommerce Support Ticket System plugin to the latest available version. The vulnerability is present in versions prior to the most recent one. Updating will fix the arbitrary file deletion vulnerability.
CVE-2024-10626 is a vulnerability that allows authenticated attackers to delete arbitrary files on a WordPress server running the WooCommerce Support Ticket System plugin, potentially leading to remote code execution.
You are affected if you are using the WooCommerce Support Ticket System plugin version 17.7 or earlier. Check your plugin version and upgrade as soon as a patch is available.
Upgrade the WooCommerce Support Ticket System plugin to a patched version. Until a patch is available, restrict file upload permissions and consider WAF rules.
There is currently no indication of active exploitation in the wild, but public PoCs are likely to emerge.
Refer to the WooCommerce website and WordPress security announcements for the official advisory when it is released.