Platform
wordpress
Component
email-subscribers
Fixed in
5.6.24
CVE-2023-5414 is a directory traversal vulnerability in the Icegram Express plugin for WordPress (plugin slug email-subscribers). An authenticated attacker with administrator privileges can read arbitrary files on the server and so expose sensitive data. All versions up to and including 5.6.23 are affected; the fix shipped in 5.6.24, and users are strongly advised to upgrade.
The flaw is in the plugin's show_es_logs function, which builds a file path from request input without confining the result to the plugin's log directory. An administrator can therefore supply ../ sequences (or an absolute path) and have the server return any file the PHP process is allowed to read: wp-config.php with its database credentials, other configuration files and, on shared hosting where several sites run under the same system user, code and configuration belonging to other sites. Two caveats temper the severity. Exploitation requires an administrator session, and a WordPress administrator can by default already install plugins or edit theme files and thus run arbitrary PHP, so the bug matters most on installs that lock that down (DISALLOW_FILE_MODS or DISALLOW_FILE_EDIT in wp-config.php) and in cases where an administrator account has been taken over by other means. The plugin is widely installed, so the population of such sites is large.
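The following is an added illustration, not code from the Icegram Express plugin (whose PHP this page does not reproduce): it builds a throw-away log directory next to a stand-in wp-config.php, then resolves a requested log name once the vulnerable way (concatenate and go) and once with a containment check that canonicalises the path and requires it to stay under the log directory. Directory and function names are constructed for the example.

```python
import os
import tempfile


def make_sandbox():
    """Constructed sandbox: a log directory holding one log file, and a
    sibling wp-config.php standing in for any file outside that directory."""
    root = tempfile.mkdtemp()
    log_dir = os.path.join(root, "logs")
    os.mkdir(log_dir)
    with open(os.path.join(log_dir, "es.log"), "w") as f:
        f.write("es log line\n")
    with open(os.path.join(root, "wp-config.php"), "w") as f:
        f.write("DB_PASSWORD=hunter2\n")
    return root, log_dir


def unsafe_log_path(log_dir, requested):
    """Vulnerable pattern: join user input onto the log directory.
    '../' segments walk out of log_dir, and os.path.join discards log_dir
    entirely when `requested` is an absolute path."""
    return os.path.normpath(os.path.join(log_dir, requested))


def safe_log_path(log_dir, requested):
    """Hardened pattern: canonicalise both sides (symlinks resolved), then
    require the candidate to remain inside log_dir. Returns None on reject."""
    base = os.path.realpath(log_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    if os.path.commonpath([base, candidate]) != base:
        return None  # escaped the log directory (traversal or absolute path)
    # Also restrict to regular files with the expected extension, so the
    # directory itself or a stray .php inside it cannot be served.
    if not candidate.endswith(".log") or not os.path.isfile(candidate):
        return None
    return candidate


def read_log(log_dir, requested, resolver):
    """Read the file chosen by `resolver`; None when rejected or missing."""
    path = resolver(log_dir, requested)
    if path is None or not os.path.exists(path):
        return None
    with open(path) as f:
        return f.read()


def demo():
    """Run the same requests through both resolvers and collect the results."""
    root, log_dir = make_sandbox()
    return {
        "unsafe_traversal": read_log(log_dir, "../wp-config.php", unsafe_log_path),
        "safe_traversal": read_log(log_dir, "../wp-config.php", safe_log_path),
        "safe_legit": read_log(log_dir, "es.log", safe_log_path),
        "safe_absolute": read_log(log_dir, "/etc/passwd", safe_log_path),
    }


if __name__ == "__main__":
    for name, content in demo().items():
        print(name, "->", repr(content))
```

The containment check works on the resolved path rather than on the input string, so encodings, mixed separators and symlink tricks are handled by the filesystem layer instead of by a blacklist of "../" patterns.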
CVE-2023-5414 was publicly disclosed on 2023-10-20. No active exploitation campaign has been confirmed, and the vulnerability is not listed in the CISA KEV catalog. Because the trigger is a single crafted request from an administrator session, a public proof of concept would be trivial to produce, so any compromised or untrusted administrator account on an unpatched site should be treated as a path to full file disclosure.
Shared hosting environments are the most exposed, since a traversal from one site can reach files of other sites on the same server whenever the web server user can read them. Any WordPress site still running Icegram Express 5.6.23 or earlier is vulnerable.
• wordpress / composer / npm:
grep -r "show_es_logs" /var/www/html/wp-content/plugins/email-subscribers/ # confirms the plugin is installed; the function also exists in patched builds, so check the version as well
wp plugin get email-subscribers --field=version # WP-CLI: installed version, affected if below 5.6.24
• generic web:
curl -s 'https://your-wordpress-site.com/wp-content/plugins/email-subscribers/readme.txt' | grep -i 'Stable tag' # version as served by the site; anything below 5.6.24 is affected
Exploit status
EPSS
2.09% (84th percentile)
CVSS vector
The primary mitigation for CVE-2023-5414 is to upgrade Icegram Express to 5.6.24 or later. If an immediate upgrade is blocked by compatibility concerns, a web application firewall rule that rejects requests to wp-admin whose parameters contain traversal sequences (../ and its URL-encoded forms) reduces the exposure; server-level configuration such as .htaccess cannot target the show_es_logs function itself and is only useful for blocking such request patterns. Review access logs for traversal attempts coming from administrator sessions, since on an unpatched site those are the only ones that succeed. After upgrading, confirm the fix by checking the installed version (the plugin header or readme.txt reports 5.6.24 or later) rather than by probing the endpoint.
Update the Icegram Express plugin to the latest available version. Version 5.6.24 or later fixes this directory traversal vulnerability and prevents attackers with administrator privileges from reading arbitrary files on the server.
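The version check from the detection list above and the log review recommended in the mitigation, as one added script that is not part of the advisory. It parses the version out of a WordPress plugin header block or a readme.txt (both standard formats), compares it against the fixed release, and scans Apache-style access-log lines for URL-decoded traversal sequences in wp-admin requests. All sample inputs are constructed; in particular the request shape (page=es_logs&file=...) is invented for the sample, since this page does not give the real parameter names, and the detection keys only on the traversal sequence, not on those names.

```python
import re
from urllib.parse import unquote

FIXED_VERSION = "5.6.24"  # from the advisory

# Constructed sample of the standard WordPress plugin header block found at
# the top of a plugin's main PHP file (values are illustrative).
SAMPLE_PLUGIN_HEADER = """<?php
/**
 * Plugin Name: Email Subscribers & Newsletters
 * Version: 5.6.23
 */
"""

# Constructed sample of the readme.txt header served from a plugin directory.
SAMPLE_README = "=== Icegram Express ===\nStable tag: 5.6.24\nRequires PHP: 5.6\n"

# Constructed Apache combined-log lines (RFC 5737 test addresses).
SAMPLE_ACCESS_LOG = [
    '203.0.113.7 - - [21/Oct/2023:10:01:02 +0000] "GET /wp-admin/admin.php?page=es_dashboard HTTP/1.1" 200 5123',
    '203.0.113.7 - - [21/Oct/2023:10:01:09 +0000] "GET /wp-admin/admin.php?page=es_logs&file=../../../../wp-config.php HTTP/1.1" 200 2210',
    '198.51.100.4 - - [21/Oct/2023:10:02:30 +0000] "GET /wp-admin/admin.php?page=es_logs&file=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1804',
    '198.51.100.4 - - [21/Oct/2023:10:03:00 +0000] "GET /wp-content/plugins/email-subscribers/readme.txt HTTP/1.1" 200 9000',
]

VERSION_RE = re.compile(
    r"^\s*\*?\s*(?:Version|Stable tag):\s*([0-9][0-9A-Za-z.\-]*)\s*$", re.M | re.I
)
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) ')
TRAVERSAL_RE = re.compile(r"(\.\./|\.\.\\)")


def parse_version(text):
    """Version string from a plugin header ('Version:') or readme.txt
    ('Stable tag:'), or None if neither line is present."""
    m = VERSION_RE.search(text)
    return m.group(1) if m else None


def version_tuple(v):
    """'5.6.23' -> (5, 6, 23); tuples compare component-wise."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


def is_vulnerable(version, fixed=FIXED_VERSION):
    """True for every release older than the fixed one (5.6.23 and below)."""
    return version_tuple(version) < version_tuple(fixed)


def scan_access_log(lines):
    """(client_ip, decoded_request) for each wp-admin request whose target
    contains a traversal sequence after URL-decoding (twice, to catch
    double-encoded %252e%252e)."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, target = m.group(1), unquote(unquote(m.group(2)))
        if target.startswith("/wp-admin/") and TRAVERSAL_RE.search(target):
            hits.append((ip, target))
    return hits


if __name__ == "__main__":
    for sample in (SAMPLE_PLUGIN_HEADER, SAMPLE_README):
        v = parse_version(sample)
        print(v, "vulnerable" if is_vulnerable(v) else "fixed")
    for ip, req in scan_access_log(SAMPLE_ACCESS_LOG):
        print("traversal attempt from", ip, ":", req)
```

On a live system, feed parse_version the contents of wp-content/plugins/email-subscribers/readme.txt (or the main plugin file) and scan_access_log the web server's access log; a hit with a 200 status from an administrator's IP on an unpatched site is the signal to investigate.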
CVE-2023-5414 is a directory traversal vulnerability in the Icegram Express WordPress plugin that lets an authenticated administrator read arbitrary files on the server.
You are affected if you are using Icegram Express version 5.6.23 or earlier. Check your plugin version and upgrade immediately.
Upgrade Icegram Express to the latest version that addresses the vulnerability. If immediate upgrade is not possible, implement temporary workarounds like WAF rules.
While no confirmed active exploitation campaigns are known, the vulnerability's severity makes it a likely target for attackers.
Refer to the Icegram Express website and WordPress plugin repository for the latest advisory and update information.