Platform: wordpress
Component: breakdance
Fixed in: 1.7.3
CVE-2024-31390 describes a Remote Code Execution (RCE) vulnerability within the Soflyy Breakdance WordPress plugin. This flaw allows attackers to inject arbitrary code, leading to complete server compromise. The vulnerability impacts versions of Breakdance up to and including 1.7.2, with a fix available in version 1.7.3.
The impact of this RCE vulnerability is severe. An attacker could leverage it to execute arbitrary commands on the web server hosting the WordPress site. This could lead to data breaches, website defacement, malware installation, or complete server takeover. Given Breakdance's functionality as a video player and potentially handling user uploads, sensitive data like user credentials, video content, and configuration files are at risk. Successful exploitation could also facilitate lateral movement within the network if the server has access to other systems.
This vulnerability has been publicly disclosed and assigned a CRITICAL CVSS score. While no active exploitation campaigns have been definitively linked to CVE-2024-31390 at the time of writing, the ease of exploitation and the plugin's popularity make it a high-priority target. It was added to the CISA KEV catalog on 2024-04-03, indicating a significant risk to US critical infrastructure. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
Exploit Status
EPSS: 0.11% (29th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation is to immediately upgrade the Breakdance plugin to version 1.7.3 or later. If upgrading is not feasible due to compatibility issues or breaking changes, consider temporarily disabling the plugin. As a secondary measure, implement strict input validation and sanitization on all user-supplied data processed by the plugin. Web application firewalls (WAFs) configured to detect and block code injection attempts can provide an additional layer of defense. Monitor WordPress logs for suspicious activity, particularly related to Breakdance plugin execution.
Update the Breakdance plugin to the latest available version. If no patched version is available for your installation, consider disabling the plugin until an update that fixes the vulnerability is released. Refer to the plugin documentation for specific update instructions.
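To check whether an installed Breakdance version falls in the affected range (1.7.2 and earlier, fixed in 1.7.3), the following POSIX shell snippet reads the Version: header of a WordPress plugin main file and compares it numerically. It is an added example, not part of the advisory or of the plugin; the sample header file is constructed inline, and the real path under wp-content/plugins/ is an assumption you must substitute.

```shell
#!/bin/sh
# Added example (not from the advisory): is an installed Breakdance version
# at or below 1.7.2, the last release affected by CVE-2024-31390?
MAX_AFFECTED="1.7.2"

# version_le A B: returns 0 when A <= B, comparing dot-separated numeric parts.
# A pre-release suffix such as "-beta" is stripped; a missing part counts as 0.
version_le() {
  a="$(printf '%s' "$1" | sed 's/[^0-9.].*//')."
  b="$(printf '%s' "$2" | sed 's/[^0-9.].*//')."
  i=1
  while :; do
    x=$(printf '%s' "$a" | cut -d. -f"$i")
    y=$(printf '%s' "$b" | cut -d. -f"$i")
    [ -z "$x" ] && [ -z "$y" ] && return 0   # every part compared equal
    x=${x:-0}; y=${y:-0}
    [ "$x" -lt "$y" ] && return 0
    [ "$x" -gt "$y" ] && return 1
    i=$((i + 1))
  done
}

# version_affected V: returns 0 when V is 1.7.2 or earlier.
version_affected() {
  version_le "$1" "$MAX_AFFECTED"
}

# plugin_header_version FILE: prints the value of the "Version:" line of a
# WordPress plugin header block (e.g. " * Version: 1.7.2").
plugin_header_version() {
  sed -n 's/^[[:space:]]*\**[[:space:]]*Version:[[:space:]]*//p' "$1" | head -n 1 | tr -d '\r'
}

# Constructed sample header; on a real site point this at the plugin's main
# PHP file under wp-content/plugins/breakdance/ (path assumed, not from the page).
SAMPLE_HEADER=$(mktemp)
cat > "$SAMPLE_HEADER" <<'EOF'
<?php
/**
 * Plugin Name: Breakdance
 * Version: 1.7.2
 */
EOF

installed=$(plugin_header_version "$SAMPLE_HEADER")
if version_affected "$installed"; then
  echo "Breakdance $installed is affected by CVE-2024-31390: upgrade to 1.7.3 or later"
else
  echo "Breakdance $installed is not in the affected range"
fi
rm -f "$SAMPLE_HEADER"
```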
CVE-2024-31390 is a critical Remote Code Execution vulnerability in the Soflyy Breakdance WordPress plugin, allowing attackers to execute arbitrary code on the server.
You are affected if you are using Breakdance version 1.7.2 or earlier. Check your plugin versions immediately.
Upgrade the Breakdance plugin to version 1.7.3 or later. If upgrading is not possible, temporarily disable the plugin.
While no confirmed active exploitation campaigns have been reported, the vulnerability's severity and ease of exploitation make it a high-priority target.
Refer to the Soflyy website and WordPress plugin repository for the latest advisory and update information.