Platform
wordpress
Component
wpvivid-backuprestore
Fixed in
0.9.69
CVE-2024-1981 is a critical SQL Injection vulnerability affecting the Migration, Backup, Staging – WPvivid plugin for WordPress. This vulnerability allows unauthenticated attackers to inject malicious SQL queries, potentially leading to data exfiltration. It impacts versions 0.9.68. A patch is expected from the vendor; implement temporary mitigations until the update is available.
The SQL Injection vulnerability in WPvivid allows attackers to manipulate database queries through the 'table_prefix' parameter. Successful exploitation could enable attackers to extract sensitive information such as usernames, passwords, customer data, and other confidential information stored within the WordPress database. Depending on the database structure and permissions, an attacker might even be able to modify or delete data, leading to a complete compromise of the WordPress site. This vulnerability is particularly concerning given the plugin's function of managing backups and migrations, which often contain highly sensitive data.
CVE-2024-1981 was publicly disclosed on 2024-02-29. Public proof-of-concept exploits are likely to emerge quickly given the ease of exploitation associated with SQL Injection vulnerabilities. The CVSS score of 9.8 (CRITICAL) indicates a high probability of exploitation. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting this vulnerability.
Exploit Status
EPSS
2.58% (85% percentile)
CVSS Vector
The primary mitigation is to immediately upgrade the WPvivid plugin to a patched version as soon as it becomes available. Until the patch is deployed, consider implementing temporary workarounds. Restrict access to the plugin's administrative interface to authorized personnel only. Implement a Web Application Firewall (WAF) with SQL Injection protection rules to filter potentially malicious requests. Regularly review WordPress database access logs for suspicious activity. While a direct detection signature is difficult, monitor database logs for unusual SQL queries originating from the plugin’s directory.
Update the Migration, Backup, Staging – WPvivid plugin to the latest available version. The SQL Injection vulnerability in the 'table_prefix' parameter has been fixed in versions later than 0.9.68.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-1981 is a critical SQL Injection vulnerability in the WPvivid WordPress plugin, allowing attackers to extract sensitive data from the database through the 'table_prefix' parameter.
If you are using WPvivid version 0.9.68, you are vulnerable. Check your plugin version and upgrade immediately.
Upgrade to the latest version of the WPvivid plugin as soon as a patch is released by the vendor. Until then, implement temporary mitigations like WAF rules and access restrictions.
Given the critical severity and ease of exploitation, it is highly probable that CVE-2024-1981 is already being targeted by attackers. Monitor your systems closely.
Check the WPvivid plugin website and WordPress.org plugin repository for the official security advisory and patch information.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.