Platform: wordpress
Component: bit-form
Fixed in: 2.13.10
CVE-2024-7777 describes an arbitrary file access vulnerability discovered in the Contact Form by Bit Form WordPress plugins, including Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder. This flaw allows authenticated administrators to read and delete arbitrary files on the server, posing a significant risk of remote code execution. The vulnerability impacts versions 2.0 through 2.13.9, and a patch is expected from the vendor.
The primary impact of CVE-2024-7777 is the ability for an authenticated administrator to read and delete any file accessible by the webserver. This is particularly concerning because deleting the wp-config.php file would effectively disable the WordPress site, potentially allowing an attacker to inject malicious code or gain control of the server. Successful exploitation could lead to complete compromise of the WordPress installation, including data exfiltration, website defacement, and further attacks against the underlying server infrastructure. The ease of exploitation, combined with the critical nature of WordPress sites, makes this a high-priority vulnerability.
CVE-2024-7777 has been publicly disclosed and is considered a high-risk vulnerability due to its ease of exploitation and potential impact. While no active exploitation campaigns have been definitively confirmed at the time of writing, the availability of the vulnerability details increases the likelihood of exploitation. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge shortly.
EPSS: 4.03% (88th percentile)
The immediate mitigation for CVE-2024-7777 is to upgrade the Contact Form by Bit Form plugins to a patched version as soon as it becomes available. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider restricting file permissions on the WordPress server to minimize the potential impact of a successful attack. Implement a Web Application Firewall (WAF) with rules to block suspicious file access attempts. Monitor WordPress logs for unusual file access patterns and unauthorized file deletions. After upgrading, verify the fix by attempting to access a sensitive file (e.g., through a crafted URL) and confirming that access is denied.
Update the Contact Form by Bit Form plugin to the latest available version. This will resolve the arbitrary file read and deletion vulnerability.
CVE-2024-7777 is a critical vulnerability allowing authenticated administrators to read and delete files on WordPress servers using the Contact Form by Bit Form plugins, potentially leading to remote code execution.
You are affected if your WordPress site uses the Contact Form by Bit Form plugins in versions 2.0 through 2.13.9. Check your plugin versions immediately.
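As an added example (not part of the advisory or the plugin's own code), the following check reads the version from a WordPress plugin header and decides whether it falls in the affected range 2.0 through 2.13.9 (fixed in 2.13.10); the `bit-form` directory slug comes from the advisory, the header format is the standard WordPress plugin-header convention, and the sample header is constructed. It also shows why versions must be compared numerically: a plain string comparison sorts "2.13.10" before "2.13.9" and would flag the patched release as vulnerable.

```python
"""Added check for CVE-2024-7777: is an installed Bit Form plugin version
in the affected range 2.0 through 2.13.9 (fixed in 2.13.10)?"""
import re
from pathlib import Path

AFFECTED_MIN = (2, 0)      # first affected version, per the advisory
FIXED_IN = (2, 13, 10)     # first patched version, per the advisory

def parse_version(text):
    """Turn '2.13.9' into (2, 13, 9). Tuple comparison matters: as strings,
    '2.13.10' < '2.13.9', which would call the patched release vulnerable."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in m.group(0).split("."))

def version_from_header(source):
    """Extract the 'Version:' line of a WordPress plugin header comment."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", source, re.MULTILINE)
    return m.group(1) if m else None

def is_affected(version):
    """True when AFFECTED_MIN <= version < FIXED_IN."""
    return AFFECTED_MIN <= parse_version(version) < FIXED_IN

def check_plugin_dir(plugin_dir):
    """Scan the top-level .php files of a plugin directory for the header
    and return (version, affected), or (None, None) if no header is found."""
    for php in sorted(Path(plugin_dir).glob("*.php")):
        version = version_from_header(php.read_text(errors="replace"))
        if version:
            return version, is_affected(version)
    return None, None

# Constructed sample header; not the plugin's real main file
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: Contact Form by Bit Form
 * Version: 2.13.9
 */
"""

if __name__ == "__main__":
    v = version_from_header(SAMPLE_HEADER)
    print(f"sample version {v}: affected={is_affected(v)}")
    # On a live site (path is an assumption):
    # print(check_plugin_dir("/var/www/html/wp-content/plugins/bit-form"))
```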
Upgrade the Contact Form by Bit Form plugins to the latest available version as soon as possible. If upgrading is not immediately possible, implement temporary mitigation measures like restricting file permissions and using a WAF.
While no active exploitation campaigns have been definitively confirmed, the vulnerability is publicly disclosed and poses a significant risk of exploitation.
Check the official Contact Form by Bit Form website and WordPress plugin repository for security advisories and updates related to CVE-2024-7777.