CRITICAL · CVE-2024-52402 · CVSS 9.6

WordPress Plugin Exclusive Content Password Protect <= 1.1.0 - CSRF Vulnerability Allowing Arbitrary File Upload

Platform

wordpress

Component

exclusive-content-password-protect

Fixed in

1.1.1

AI Confidence: high · NVD · EPSS 9.0% · Reviewed: May 2026

CVE-2024-52402 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in Cliconomics Exclusive Content Password Protect. Because the flaw is a CSRF, the attacker needs no credentials of their own: an authenticated WordPress user is induced to submit a forged request, which is why the CVSS vector records no privileges required but user interaction required. The forged request lets the attacker upload a web shell to the web server, leading to potential remote code execution. The vulnerability affects versions of the plugin from n/a up to and including 1.1.0. A patch has been released in version 1.1.1.


Impact and Attack Scenarios

The primary impact of CVE-2024-52402 is the ability for an attacker to upload arbitrary files, specifically web shells, to the WordPress server. A web shell provides a malicious actor with a command-and-control interface, enabling them to execute arbitrary code on the server. This could lead to complete compromise of the WordPress site, including data exfiltration, defacement, and further attacks against the underlying infrastructure. The attacker could potentially gain access to sensitive data stored within the WordPress database or use the compromised server as a launchpad for attacks against other systems on the network. The ease of exploitation via CSRF significantly increases the risk.

Exploitation Context

CVE-2024-52402 was publicly disclosed on 2024-11-19. While no active exploitation campaigns have been definitively confirmed, the CRITICAL severity and ease of exploitation via CSRF suggest a high probability of exploitation. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept code is likely to emerge given the vulnerability's nature and severity.

Who Is at Risk

WordPress websites utilizing the Exclusive Content Password Protect plugin, particularly those running versions prior to 1.1.1, are at significant risk. Shared hosting environments are especially vulnerable as they often lack granular control over plugin configurations and file permissions. Sites with weak CSRF protection or inadequate input validation on file upload endpoints are also at heightened risk.

Detection Steps

• wordpress (WP-CLI): confirm whether the plugin is installed and which version is active. `wp plugin list` prints plugin slugs rather than display names, so match on the slug:

wp plugin list | grep 'exclusive-content-password-protect'

• wordpress (WP-CLI): update all installed plugins, which brings Exclusive Content Password Protect to 1.1.1 or later:

wp plugin update --all

• wordpress: check whether the plugin's code writes into the WordPress uploads directory:

grep -r 'upload_dir' /var/www/html/wp-content/plugins/exclusive-content-password-protect/

• generic web: Check for unusual files in the WordPress uploads directory (wp-content/uploads) using file system scans or security monitoring tools.
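The detection steps above as one runnable script. This is an added example, not part of this advisory or of the plugin's own code: it reads the installed plugin version with WP-CLI when `wp` is on the PATH (`wp plugin get <slug> --field=version` and the global `--path` option are standard WP-CLI; the WordPress root path is whatever yours is), compares it against the fixed release 1.1.1 from the advisory, and lists script files under an uploads tree, where legitimate uploads should never include PHP. The demo runs on a constructed temporary directory holding one harmless image filename and one out-of-place .php file, so it works offline without a WordPress install.

```shell
#!/bin/sh
# Constructed example for CVE-2024-52402 (not the advisory's or the plugin's code).

FIXED_VERSION="1.1.1"   # fixed release named in the advisory

# version_lt A B: exit 0 if dotted version A sorts strictly before B (major.minor.patch).
version_lt() {
    a="$1"; b="$2"
    i=1
    while [ "$i" -le 3 ]; do
        x=$(printf '%s' "$a" | cut -d. -f"$i")
        y=$(printf '%s' "$b" | cut -d. -f"$i")
        x=${x:-0}; y=${y:-0}          # a missing component counts as 0 ("1.1" == "1.1.0")
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1
}

# is_vulnerable VERSION: exit 0 if the installed plugin version is below the fixed release.
is_vulnerable() {
    version_lt "$1" "$FIXED_VERSION"
}

# installed_version WP_PATH: print the plugin version via WP-CLI; fails if wp or the plugin is absent.
installed_version() {
    command -v wp >/dev/null 2>&1 || return 1
    wp --path="$1" plugin get exclusive-content-password-protect --field=version 2>/dev/null
}

# find_php_in_uploads UPLOADS_DIR: list files with script extensions anywhere under the uploads tree.
# Images and documents are expected there; any PHP-like file deserves review.
find_php_in_uploads() {
    find "$1" -type f \( -iname '*.php' -o -iname '*.phtml' -o -iname '*.php[0-9]' -o -iname '*.phar' \) 2>/dev/null | sort
}

# count_php_in_uploads UPLOADS_DIR: number of suspicious files found.
count_php_in_uploads() {
    find_php_in_uploads "$1" | wc -l | tr -d ' '
}

# Demo on a constructed uploads tree standing in for wp-content/uploads.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/2024/11"
    : > "$tmp/2024/11/photo.jpg"     # legitimate upload (empty placeholder)
    : > "$tmp/2024/11/thumb.php"     # constructed: a PHP file where none belongs
    echo "1.1.0 vulnerable: $(is_vulnerable 1.1.0 && echo yes || echo no)"
    echo "1.1.1 vulnerable: $(is_vulnerable 1.1.1 && echo yes || echo no)"
    echo "suspicious files under $tmp: $(count_php_in_uploads "$tmp")"
    find_php_in_uploads "$tmp"
    rm -rf "$tmp"
}

demo
```

On a real host, call `installed_version /var/www/html` and feed the result to `is_vulnerable`, and point `find_php_in_uploads` at the site's wp-content/uploads; a non-empty listing is a lead for incident response, not proof of compromise, since some plugins do legitimately store PHP outside the plugins tree.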

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High

EPSS

9.01% (93rd percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical Impact: total

CVSS Vector

THREAT INTELLIGENCE · CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H · 9.6 CRITICAL
Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: None (level of authentication required)
User Interaction: Required (whether an action by the victim is required)
Scope: Changed (impact beyond the affected component)
Confidentiality: High (risk of sensitive data exposure)
Integrity: High (risk of unauthorised data modification)
Availability: High (risk of service interruption)
Source: nextguardhq.com · CVSS v3.1 base score

What do these metrics mean?
Attack Vector
Network: exploitable remotely over the internet. No physical or local access required.
Attack Complexity
Low: no special conditions required. Reliably exploitable.
Privileges Required
None: unauthenticated. No credentials required to exploit.
User Interaction
Required: the victim must open a file, click a link or visit a page.
Scope
Changed: the attack can pivot beyond the vulnerable component.
Confidentiality
High: total loss of confidentiality. The attacker can read all data.
Integrity
High: the attacker can write, modify or delete all data.
Availability
High: complete outage or resource exhaustion. Total denial of service.

Affected Software

Component: exclusive-content-password-protect
Vendor: Cliconomics
Affected range: 0.0.0 – 1.1.0
Fixed in: 1.1.1

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2024-52402 is to immediately upgrade to version 1.1.1 or later of the Exclusive Content Password Protect plugin. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing stricter input validation and sanitization on file upload endpoints. While not a complete solution, a Web Application Firewall (WAF) configured to block suspicious file uploads and CSRF attacks can provide an additional layer of defense. Regularly review WordPress plugin permissions and restrict access to sensitive files and directories.

How to fix

Update the Exclusive Content Password Protect plugin to the latest available version. The vulnerability allows arbitrary file upload, which could compromise the security of the website. The update fixes the CSRF vulnerability that enables this action.


Frequently Asked Questions

What is CVE-2024-52402 — CSRF in Exclusive Content Password Protect?

CVE-2024-52402 is a critical Cross-Site Request Forgery (CSRF) vulnerability in Cliconomics Exclusive Content Password Protect allowing attackers to upload web shells, potentially leading to remote code execution.

Am I affected by CVE-2024-52402 in Exclusive Content Password Protect?

You are affected if you are using Exclusive Content Password Protect versions from n/a through 1.1.0. Check your plugin version immediately.

How do I fix CVE-2024-52402 in Exclusive Content Password Protect?

Upgrade to version 1.1.1 or later of the Exclusive Content Password Protect plugin. If immediate upgrade is not possible, implement temporary mitigations like WAF rules and stricter input validation.

Is CVE-2024-52402 being actively exploited?

While no confirmed active exploitation campaigns are currently known, the CRITICAL severity and ease of exploitation suggest a high probability of exploitation.

Where can I find the official Exclusive Content Password Protect advisory for CVE-2024-52402?

Refer to the Cliconomics website and WordPress plugin repository for the official advisory and update information.
