Platform: wordpress
Component: bit-form
Fixed in: 2.13.5
CVE-2024-7782 is an arbitrary file deletion vulnerability in the Contact Form by Bit Form WordPress plugin suite (Multi Step Form, Calculation Contact Form, Payment Contact Form and the Custom Contact Form builder). It allows authenticated administrators to delete arbitrary files on the server, which can lead to remote code execution. Versions 2.0 through 2.13.4 are affected, and a patch is available.
The primary impact of CVE-2024-7782 is the potential for remote code execution (RCE) on WordPress servers. An authenticated administrator can exploit the flaw by deleting critical files such as wp-config.php; removing that file takes the WordPress site offline and can let an attacker take control of the server. The deletion capability is not limited to wp-config.php: depending on file system permissions, other configuration files, binaries or even system files could be removed. This is a significant risk, as it can lead to complete server compromise and data exfiltration.
CVE-2024-7782 was publicly disclosed on August 20, 2024. As of this writing, there is no indication of active exploitation in the wild. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not yet widely available, but the vulnerability's nature and ease of exploitation suggest that PoCs are likely to emerge.
Exploit Status
EPSS: 10.11% (93rd percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2024-7782 is to upgrade the Contact Form by Bit Form plugin to a release that addresses the vulnerability. The advisory text this record was generated from did not name a fixed version; the record header above lists 2.13.5. If upgrading is not immediately feasible, consider temporary workarounds: restrict the file system permissions of the WordPress user to limit what a successful exploit can delete, deploy a Web Application Firewall (WAF) with rules that block suspicious file deletion requests targeting the iconRemove function, and monitor WordPress logs regularly for unusual file access or deletion activity.
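The root cause described above is a delete handler that accepts a caller-supplied file name without confining it to the directory it is meant to manage. Because the attacker here is already an administrator, authorization checks alone do not close the hole; the handler has to refuse any path that resolves outside its own upload directory. The following is an added illustrative example written for this page, not code from the Bit Form plugin: a stand-alone PHP function that removes an icon file only if the resolved path stays inside the allowed directory, followed by a constructed demonstration in a temporary directory. The function name safe_remove_icon, the directory layout and the sample file names are assumptions for the demonstration.

```php
<?php
// Added example for this page (not the Bit Form plugin's code): the fix pattern
// for an arbitrary file deletion bug is to confine deletion to one directory.

/**
 * Delete $requestedName from $allowedDir and nothing else.
 * Returns true on success; returns false without touching the file system
 * whenever the request cannot be proven to stay inside $allowedDir.
 */
function safe_remove_icon(string $allowedDir, string $requestedName): bool
{
    // Resolve the allowed directory once; it must exist.
    $base = realpath($allowedDir);
    if ($base === false || !is_dir($base)) {
        return false;
    }

    // Reject anything that is not a plain file name:
    // NUL bytes, directory separators, "." and ".." are all refused.
    if ($requestedName === ''
        || strpos($requestedName, "\0") !== false
        || $requestedName !== basename($requestedName)
        || $requestedName === '.' || $requestedName === '..') {
        return false;
    }

    // The handler only ever removes image icons, so allowlist the extension.
    $ext = strtolower(pathinfo($requestedName, PATHINFO_EXTENSION));
    if (!in_array($ext, ['png', 'jpg', 'jpeg', 'gif', 'svg', 'webp'], true)) {
        return false;
    }

    // Resolve the final path (this follows symlinks) and confirm it is still
    // a regular file located under $base before deleting it.
    $target = realpath($base . DIRECTORY_SEPARATOR . $requestedName);
    if ($target === false
        || !is_file($target)
        || strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return false;
    }

    return unlink($target);
}

// --- Constructed demonstration; runs stand-alone with `php this_file.php` ---
$root    = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'icon-demo-' . bin2hex(random_bytes(4));
$uploads = $root . DIRECTORY_SEPARATOR . 'uploads';
mkdir($uploads, 0700, true);
file_put_contents($uploads . DIRECTORY_SEPARATOR . 'icon.png', 'constructed icon');   // legitimate icon
file_put_contents($root . DIRECTORY_SEPARATOR . 'wp-config.php', '<?php // dummy'); // stands in for the real config

echo 'traversal to wp-config.php rejected: ',
    safe_remove_icon($uploads, '../wp-config.php') ? 'no' : 'yes', PHP_EOL;
echo 'absolute path rejected: ',
    safe_remove_icon($uploads, $root . DIRECTORY_SEPARATOR . 'wp-config.php') ? 'no' : 'yes', PHP_EOL;
echo 'legitimate icon removed: ',
    safe_remove_icon($uploads, 'icon.png') ? 'yes' : 'no', PHP_EOL;
echo 'wp-config.php still present: ',
    file_exists($root . DIRECTORY_SEPARATOR . 'wp-config.php') ? 'yes' : 'no', PHP_EOL;

// Clean up the temporary tree.
@unlink($root . DIRECTORY_SEPARATOR . 'wp-config.php');
@rmdir($uploads);
@rmdir($root);
```

Inside a real WordPress handler the same function would sit behind the usual nonce and capability checks, but those are not what stops this bug: the `realpath()` prefix comparison is, because it rejects `../` sequences, absolute paths and symlinks that point outside the upload directory, all of which `basename()` alone would not catch.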
Update the Contact Form by Bit Form plugin to the latest available version. This fixes the arbitrary file deletion vulnerability.
CVE-2024-7782 is a vulnerability in the Contact Form by Bit Form WordPress plugin suite allowing authenticated admins to delete arbitrary files, potentially leading to RCE.
You are affected if your WordPress site uses the Contact Form by Bit Form plugin versions 2.0 through 2.13.4.
Upgrade the Contact Form by Bit Form plugin to 2.13.5 or later, the fixed version listed in this record. Check the plugin developer's website for the latest release.
As of now, there is no confirmed active exploitation, but the vulnerability's nature suggests potential for future exploitation.
Check the Contact Form by Bit Form plugin page on the WordPress plugin directory or the developer's website for security advisories.