Platform
wordpress
Component
rehub-theme
Fixed in
19.6.2
CVE-2024-31231 describes a critical Path Traversal vulnerability within the Rehub WordPress plugin. This flaw allows attackers to potentially include arbitrary files on the server, leading to sensitive data exposure or even remote code execution. The vulnerability impacts versions of Rehub up to and including 19.6.1, with a fix released in version 19.6.2.
The core of this vulnerability lies in the improper handling of file paths within the Rehub plugin. An attacker can craft malicious requests that manipulate the pathname, bypassing intended restrictions and accessing files outside the designated directory. Successful exploitation allows for PHP Local File Inclusion (LFI), meaning an attacker can include arbitrary PHP files, potentially executing malicious code on the server. This could lead to complete compromise of the WordPress site, including data theft, modification, or defacement. The blast radius extends to any sensitive data stored on the server, including user credentials, database information, and configuration files. A successful attack could also be used to pivot to other systems on the network if the web server has access to them.
CVE-2024-31231 was publicly disclosed on May 17, 2024. While no active exploitation campaigns have been definitively confirmed, the CRITICAL severity and ease of exploitation suggest a high probability of exploitation. There are currently no publicly available proof-of-concept exploits, but the vulnerability's nature makes it likely that such exploits will emerge. The vulnerability is not currently listed on the CISA KEV catalog.
Websites using the Rehub WordPress plugin, particularly those running older versions (≤19.6.1), are at significant risk. Shared hosting environments are especially vulnerable, as they often have limited control over server configurations and plugin updates. Sites with sensitive data or those integrated with other critical systems are at the highest risk of compromise.
• wordpress / composer / npm:
grep -r "../" /var/www/html/wp-content/plugins/rehub/
• generic web:
curl -I http://your-wordpress-site.com/wp-content/plugins/rehub/../../../../etc/passwd
• wordpress / composer / npm:
wp plugin list --status=inactive | grep rehub
• wordpress / composer / npm:
wp plugin update rehub --all
Disclosure
Exploit status
EPSS
1.66% (percentile 82%)
CISA SSVC
CVSS vector
The primary mitigation is to immediately upgrade the Rehub plugin to version 19.6.2 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. Restrict file access permissions on the server to minimize the potential impact of a successful exploit. Implement strict input validation to sanitize user-supplied data used in file path construction. Web Application Firewalls (WAFs) can be configured with rules to detect and block malicious requests attempting to exploit this vulnerability. Monitor web server access logs for suspicious file access attempts.
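The two controls above that a site owner can actually implement while waiting on the update are input validation on the template name and log review. The following PHP is an added example written for this page; it is not Rehub's code and does not reproduce the vulnerable routine. The directory layout, the `template` query parameter, the function names and the log lines are all constructed for illustration. It contrasts the unsafe concatenation pattern (shown only in a comment) with a resolver that allowlists the slug and then checks containment with `realpath()`, and it includes a small triage function that flags traversal markers (plain, URL-encoded and double-encoded) and PHP stream wrappers in access-log lines.

```php
<?php
// Added example (not Rehub's code): resolve a user-supplied template name
// against an allowlisted directory so traversal sequences cannot escape it.
// Directory layout, parameter and log lines are constructed for illustration.

declare(strict_types=1);

/**
 * Unsafe pattern, shown for contrast only: the request value is concatenated
 * straight into the include path, so "../../wp-config.php" or a PHP stream
 * wrapper walks out of the intended templates directory.
 *
 *   include $theme_dir . '/templates/' . $_GET['template'] . '.php';
 */

/**
 * Hardened resolver. Returns the absolute path of the template to include,
 * or null when the request is rejected. Rejections are written to the PHP
 * error log so probing attempts are visible to the operator.
 */
function resolve_template(string $base_dir, string $requested): ?string
{
    // 1. Syntactic allowlist: a short slug of [a-z0-9_-] is the only valid form.
    //    This alone rejects "../", "..\", null bytes, "php://" and absolute paths.
    if (!preg_match('/\A[a-z0-9_-]{1,64}\z/', $requested)) {
        error_log('template rejected (bad slug): ' . bin2hex($requested));
        return null;
    }

    // 2. Canonicalise both sides and require containment. realpath() collapses
    //    symlinks and dot segments and returns false for files that do not exist.
    $base      = realpath($base_dir);
    $candidate = realpath($base_dir . DIRECTORY_SEPARATOR . $requested . '.php');
    if ($base === false || $candidate === false) {
        return null;
    }
    if (strncmp($candidate, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        // Only reachable through a symlink inside $base_dir pointing elsewhere.
        error_log("template rejected (escaped base): $candidate");
        return null;
    }
    return $candidate;
}

/**
 * Log triage helper: return the access-log lines whose URI carries a
 * traversal marker or a PHP stream wrapper, after decoding twice so that
 * %252e%252e%252f is caught as well as %2e%2e%2f.
 */
function find_traversal_attempts(array $log_lines): array
{
    $hits = [];
    foreach ($log_lines as $line) {
        $decoded = strtolower(urldecode(urldecode($line)));
        if (preg_match('#(\.\./|\.\.\\\\|php://|data:|expect://)#', $decoded)) {
            $hits[] = $line;
        }
    }
    return $hits;
}

// --- self-check on constructed data ----------------------------------------
$tmp = sys_get_temp_dir() . '/rehub-example-' . getmypid();
mkdir("$tmp/templates", 0700, true);
file_put_contents("$tmp/templates/grid.php", "<?php // constructed template\n");

assert(resolve_template("$tmp/templates", 'grid') !== null);
assert(resolve_template("$tmp/templates", '../../etc/passwd') === null);
assert(resolve_template("$tmp/templates", 'php://filter/resource=grid') === null);

$sample_log = [ // constructed Apache-style lines, not real traffic
    '203.0.113.5 - - [17/May/2024:10:00:01 +0000] "GET /?template=grid HTTP/1.1" 200 512',
    '203.0.113.9 - - [17/May/2024:10:00:02 +0000] "GET /?template=../../../../etc/passwd HTTP/1.1" 200 1024',
    '203.0.113.9 - - [17/May/2024:10:00:03 +0000] "GET /?template=%252e%252e%252fwp-config HTTP/1.1" 200 1024',
];
$hits = find_traversal_attempts($sample_log);
assert(count($hits) === 2);
echo 'flagged ' . count($hits) . " suspicious request(s)\n";

unlink("$tmp/templates/grid.php");
rmdir("$tmp/templates");
rmdir($tmp);
```

The slug allowlist does the real work; the `realpath()` containment check is a second layer that also catches a stray symlink inside the templates directory. For the log scan, pipe `tail -n 10000 access.log` into a script built around `find_traversal_attempts()` and review any hit whose status code is 200 first, since a 200 on a traversal URI means the server served something.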
Update the Rehub theme to the latest available version. If no fixed version is available, consider disabling or replacing the theme until an update that corrects the vulnerability is published. Check the vendor's website for more information and updates.
CVE-2024-31231 is a critical Path Traversal vulnerability in the Rehub WordPress plugin allowing attackers to potentially include arbitrary files, leading to code execution.
If you are using Rehub version 19.6.1 or earlier, you are affected by this vulnerability. Immediate action is required.
Upgrade the Rehub plugin to version 19.6.2 or later to resolve the vulnerability. If upgrading is not possible, implement temporary workarounds like restricting file access.
While no active exploitation campaigns have been confirmed, the CRITICAL severity and ease of exploitation suggest a high probability of exploitation.
Refer to the official Rehub plugin website and WordPress plugin repository for the latest advisory and update information.