Platform
wordpress
Component
chatbot
Fixed in
4.9.1
4.9.3
CVE-2023-5212 is an Arbitrary File Deletion vulnerability affecting the AI ChatBot plugin for WordPress. This vulnerability allows authenticated attackers, even those with subscriber privileges, to delete arbitrary files on the server, leading to potential site takeover and compromise of shared hosting environments. The vulnerability impacts versions up to and including 4.8.9, and was reintroduced in 4.9.2, but has been resolved in version 4.9.3.
The impact of CVE-2023-5212 is severe due to the ability of authenticated attackers to delete arbitrary files. This could allow an attacker to delete critical WordPress core files, plugin files, or configuration files, effectively taking control of the website. In shared hosting environments, the vulnerability poses a significant risk as an attacker could potentially delete files belonging to other websites hosted on the same server. The reintroduction of the vulnerability in version 4.9.2 highlights the importance of thorough testing and validation of security fixes before release. A successful exploit could lead to complete website compromise, data loss, and potential reputational damage.
CVE-2023-5212 was publicly disclosed on October 19, 2023. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a likely target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
Websites using the AI ChatBot plugin, particularly those hosted on shared hosting platforms, are at significant risk. Users with subscriber privileges on these websites could potentially exploit the vulnerability. Legacy WordPress installations with outdated plugins are also more vulnerable due to a lack of security updates.
• wordpress / composer / npm: Use WP-CLI to check the installed version of AI ChatBot:
wp plugin list --status=active | grep 'AI ChatBot'
• wordpress / composer / npm: Search plugin files for suspicious file deletion functions (e.g., unlink, delete_file).
• generic web: Monitor WordPress error logs for attempts to access or delete files outside of expected directories.
• generic web: Check the WordPress plugin directory for unauthorized modifications or new installations of the AI ChatBot plugin.
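As an added example (not code from this advisory or from the plugin's authors), the following POSIX shell script combines the checks above: it classifies an installed version as affected using the ranges stated on this page (up to and including 4.8.9, plus 4.9.2 where the fix was reintroduced), optionally reads the installed version through WP-CLI, and scans a plugin directory for file-deletion calls. The plugin slug `chatbot` is taken from the component field above and is an assumption; the function names `unlink` and `delete_file` are the ones named in the bullet, and `wp_delete_file` is WordPress's own deletion wrapper.

```shell
#!/bin/sh
# Added example: defender-side checks for CVE-2023-5212 (AI ChatBot for WordPress).
# Affected versions per this advisory: <= 4.8.9, and 4.9.2 (the release that reintroduced the bug).

# version_le A B: exit 0 when dotted version A <= B, comparing each numeric field.
version_le() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        len = (n > m) ? n : m
        for (i = 1; i <= len; i++) {
            xi = (i <= n) ? x[i] + 0 : 0   # missing fields count as 0 (4.9 == 4.9.0)
            yi = (i <= m) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 0
    }'
}

# is_affected VERSION: exit 0 when VERSION falls in the affected set from this page.
is_affected() {
    if version_le "$1" "4.8.9"; then
        return 0
    fi
    if [ "$1" = "4.9.2" ]; then   # the reintroduction release
        return 0
    fi
    return 1
}

# installed_version [SLUG]: print the plugin version via WP-CLI (assumed slug: chatbot).
installed_version() {
    command -v wp >/dev/null 2>&1 || { echo "wp-cli not found" >&2; return 2; }
    wp plugin get "${1:-chatbot}" --field=version
}

# scan_for_deletions DIR: print file:line:text for PHP file-deletion calls under DIR.
# /dev/null is passed alongside the files so grep always prefixes the filename.
scan_for_deletions() {
    find "$1" -type f -name '*.php' -exec grep -nE \
        '(^|[^A-Za-z0-9_])(unlink|wp_delete_file|delete_file)[[:space:]]*\(' /dev/null {} +
}

# check_site [PLUGIN_DIR]: report status for the live site (requires WP-CLI).
check_site() {
    v=$(installed_version) || return 2
    if is_affected "$v"; then
        echo "AI ChatBot $v: AFFECTED by CVE-2023-5212, upgrade to 4.9.3 or later"
    else
        echo "AI ChatBot $v: not in the affected range"
    fi
    if [ -n "${1:-}" ]; then
        echo "file-deletion calls under $1:"
        scan_for_deletions "$1"
    fi
}

# Usage on the WordPress host (plugin path is an assumption):
#   check_site wp-content/plugins/chatbot
```

The version comparison is done field by field rather than as a string so that a future 4.10.x release is not misread as older than 4.9.x; the file scan only lists candidate call sites and still needs a human to judge whether the path passed to each call is user-controlled.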
Disclosure
Exploit status
EPSS
0.31% (percentile 54%)
CVSS vector
The primary mitigation for CVE-2023-5212 is to immediately upgrade the AI ChatBot plugin to version 4.9.3 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider restricting file permissions on the server to limit the attacker's ability to delete files. Implement a Web Application Firewall (WAF) with rules to block suspicious file deletion attempts. Regularly review WordPress plugin installations and ensure they are from trusted sources. After upgrading, confirm the fix by attempting to access and delete a non-critical file via the plugin's interface to verify that file deletion is no longer possible.
Update the AI ChatBot plugin to version 4.9.3 or later. This version fixes the arbitrary file deletion vulnerability. If you cannot update immediately, consider temporarily disabling the plugin.
CVE-2023-5212 is a critical vulnerability in the AI ChatBot WordPress plugin allowing authenticated users to delete arbitrary files, potentially leading to site takeover.
You are affected if you are using AI ChatBot version 4.8.9 or earlier, or version 4.9.2. Upgrade to 4.9.3 or later to mitigate the risk.
Upgrade the AI ChatBot plugin to version 4.9.3 or later. If immediate upgrade is not possible, restrict file permissions and consider a WAF.
While no confirmed active exploitation campaigns are known, the vulnerability's severity and ease of exploitation make it a likely target.
Refer to the AI ChatBot plugin's official website or WordPress plugin repository for the latest advisory and update information.