Platform
wordpress
Component
sign-in-with-google
Fixed in
1.8.1
CVE-2024-11015 is an authentication bypass vulnerability affecting the Sign In With Google plugin for WordPress, versions up to and including 1.8.0. An attacker can exploit this flaw to gain unauthorized access to a user account, potentially including the site administrator's. The vulnerability stems from inadequate null value checks during the authentication process. Updating to a patched version is crucial to remediate this risk.
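The defensive pattern the description implies, as an added illustration that is not the plugin's code (the plugin's internal logic is not reproduced here): identity claims returned by Google are validated for presence and correctness before any account lookup happens, so a missing or empty identifier can never be matched against a stored account link. The user table, client id and function names are constructed for the example.

```python
# Added example (not from the plugin): gate an OAuth account-mapping step so that
# null or empty identity claims are rejected before the user lookup.
from dataclasses import dataclass
from typing import Optional

@dataclass
class User:
    id: int
    login: str
    google_sub: Optional[str]   # Google "sub" stored when the account was linked

# Constructed sample user table: admin has linked Google, editor never did.
USERS = [
    User(1, "admin", "100000000000000000001"),
    User(2, "editor", None),
]

# Assumed OAuth client id; a real deployment compares against its own.
EXPECTED_AUD = "example-client-id.apps.googleusercontent.com"

def validate_claims(claims: dict) -> Optional[str]:
    """Return the Google subject only if the claims are usable, else None.
    Requires a non-empty string 'sub', our 'aud', and email_verified == True."""
    sub = claims.get("sub")
    if not isinstance(sub, str) or not sub.strip():
        return None                       # the null/empty case the advisory names
    if claims.get("aud") != EXPECTED_AUD:
        return None
    if claims.get("email_verified") is not True:
        return None
    return sub

def find_linked_user(google_sub: str) -> Optional[User]:
    """Match only accounts that actually hold a non-empty stored link."""
    return next((u for u in USERS if u.google_sub and u.google_sub == google_sub), None)

def login_with_google(claims: dict) -> Optional[User]:
    """Validate first; never fall through to a lookup with an unchecked value."""
    sub = validate_claims(claims)
    if sub is None:
        return None
    return find_linked_user(sub)
```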
The impact of this vulnerability is severe. A successful exploit allows an attacker to impersonate any user who has previously authenticated with Google OAuth. This includes the site administrator, granting the attacker full control over the WordPress site. They could modify content, install malicious plugins, steal sensitive data, or even completely compromise the server. The ease of exploitation, combined with the plugin's popularity, makes this a high-priority risk. This bypass circumvents standard authentication mechanisms, making it particularly dangerous.
This vulnerability was publicly disclosed on December 12, 2024. While no active exploitation campaigns have been definitively confirmed, the ease of exploitation and the plugin's widespread use make it a likely target. The CVSS score of 9.8 (CRITICAL) reflects the high severity and potential impact. The vulnerability is not currently listed in CISA's KEV catalog.
Exploit Status
EPSS
0.14% (35th percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to immediately update the Sign In With Google plugin to a version greater than 1.8.0. If an immediate upgrade is not possible due to compatibility issues or breaking changes, consider temporarily disabling the plugin to prevent unauthorized access. While not a complete solution, implementing a Web Application Firewall (WAF) with rules to block suspicious OAuth requests could provide an additional layer of defense. Regularly review user accounts and permissions for any signs of unauthorized activity.
Update the Sign In With Google plugin to the latest version. Version 1.8.1 or later fixes this authentication bypass vulnerability.
CVE-2024-11015 is a critical vulnerability in the Sign In With Google WordPress plugin allowing attackers to bypass authentication and log in as existing Google OAuth users.
You are affected if you are using the Sign In With Google plugin in WordPress versions 1.8.0 or earlier. Immediately check your plugin version and update if necessary.
The fix is to update the Sign In With Google plugin to a version greater than 1.8.0. If an upgrade is not immediately possible, temporarily disable the plugin.
While no confirmed active exploitation campaigns are currently known, the vulnerability's severity and ease of exploitation make it a likely target. Monitor your site closely.
Refer to the plugin developer's website and WordPress.org plugin repository for the latest advisory and update information.