Platform
wordpress
Component
breakdance
Fixed in
1.7.3
CVE-2024-31390 is a remote code execution (RCE) vulnerability in the Soflyy Breakdance WordPress plugin. An attacker who exploits it can run arbitrary code on the web server with the privileges of the PHP process that serves WordPress. It affects Breakdance versions up to and including 1.7.2; version 1.7.3 contains the fix.
The impact is severe. Code execution in the web server context gives the attacker everything the WordPress process can reach: wp-config.php and the database credentials it holds, the database itself (user accounts and password hashes), uploaded media, and the ability to deface pages or plant persistent backdoors. Breakdance is a visual site builder, so it is installed on the site as a whole rather than on one isolated feature, and a compromise through it is a compromise of the entire site. From the host, lateral movement toward other systems the server can reach becomes possible.
The vulnerability has been publicly disclosed and carries a CRITICAL CVSS rating. At the time of writing no active exploitation campaign has been confirmed, and the EPSS score recorded below (0.11%, 29th percentile) predicts a low short-term probability of exploitation. Even so, code execution in a widely deployed page builder is an attractive target, and public proof-of-concept code for WordPress plugin flaws typically appears soon after disclosure, so patching should not wait for evidence of exploitation.
WordPress sites with Breakdance 1.7.2 or earlier installed are at risk, regardless of how heavily the builder is used. On shared hosting, a compromised site can also endanger neighbouring tenants if the host does not isolate customer accounts from each other, and site owners there usually cannot add server-level controls such as a WAF, which makes updating the plugin the one control fully in their hands.
Detection and remediation commands:
• WP-CLI: wp plugin list | grep breakdance (shows the installed version and whether the plugin is active)
• WP-CLI: wp plugin status breakdance
• WP-CLI: wp plugin update breakdance (or wp plugin update --all) to apply the fix
• Generic web: confirm in the WordPress Plugins screen, or against the plugin's changelog, that the installed version is 1.7.3 or later.
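The following POSIX shell script is an added example, not code from the advisory or from Soflyy. It automates the version check above: it reads the installed Breakdance version through WP-CLI when WP-CLI is available, otherwise from the "Version:" header of the plugin file that declares "Plugin Name: Breakdance", and compares it numerically against 1.7.3 (a plain string comparison would wrongly rank 1.10.0 below 1.7.3). The slug breakdance, the default path wp-content/plugins/breakdance and the embedded sample header are assumptions constructed for the example so that it runs offline.

```shell
#!/bin/sh
# Added example (not from the advisory or from Soflyy): decide whether an
# installed Breakdance version is in the range affected by CVE-2024-31390
# (<= 1.7.2; fixed in 1.7.3). Assumptions: the plugin slug is "breakdance"
# and its main file carries a standard WordPress "Version:" header.

FIXED_VERSION="1.7.3"

# version_cmp A B -> prints -1, 0 or 1; numeric, component-wise, 3 components.
version_cmp() {
  printf '%s\n%s\n' "$1" "$2" | awk -F. '
    NR == 1 { for (i = 1; i <= 3; i++) a[i] = $i + 0 }
    NR == 2 { for (i = 1; i <= 3; i++) b[i] = $i + 0 }
    END {
      for (i = 1; i <= 3; i++) {
        if (a[i] < b[i]) { print "-1"; exit }
        if (a[i] > b[i]) { print "1";  exit }
      }
      print "0"
    }'
}

# is_affected VERSION -> 0 if affected, 1 if fixed, 2 if VERSION is not a
# plain dotted number (an unparsable version must not be treated as safe).
is_affected() {
  case "$1" in
    '' | *[!0-9.]* | .* | *. ) return 2 ;;
  esac
  [ "$(version_cmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# plugin_header_version < plugin-main-file -> value of the "Version:" header.
plugin_header_version() {
  sed -n 's/^[[:space:]]*[*]*[[:space:]]*Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# installed_version [PLUGIN_DIR] -> version from WP-CLI when it works, else
# from the header of the file declaring "Plugin Name: Breakdance"; 1 if none.
installed_version() {
  dir="${1:-wp-content/plugins/breakdance}"
  if command -v wp >/dev/null 2>&1; then
    wp plugin get breakdance --field=version 2>/dev/null && return 0
  fi
  for f in "$dir"/*.php; do
    [ -f "$f" ] || continue
    grep -q 'Plugin Name:[[:space:]]*Breakdance' "$f" || continue
    plugin_header_version < "$f"
    return 0
  done
  return 1
}

# report VERSION -> one verdict line on stdout.
report() {
  rc=0
  is_affected "$1" || rc=$?
  case $rc in
    0) printf 'breakdance %s: AFFECTED by CVE-2024-31390, upgrade to %s or later\n' "$1" "$FIXED_VERSION" ;;
    1) printf 'breakdance %s: not affected (fix is %s)\n' "$1" "$FIXED_VERSION" ;;
    *) printf 'breakdance: could not parse version "%s", check manually\n' "$1" ;;
  esac
}

# Constructed sample plugin header (not a real Breakdance file), used when
# neither WP-CLI nor a plugin directory is reachable.
SAMPLE_HEADER='<?php
/**
 * Plugin Name: Breakdance
 * Version: 1.7.2
 */'

v=$(installed_version "$1" 2>/dev/null) \
  || v=$(printf '%s\n' "$SAMPLE_HEADER" | plugin_header_version)
report "$v"
```

Run it from the WordPress root, or pass the plugin directory as the first argument. Without WP-CLI or a plugin directory it falls back to the constructed header and reports 1.7.2 as affected; a version string it cannot parse is reported for manual review rather than being treated as patched.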
disclosure
kev
Exploit status
EPSS
0.11% (29th percentile)
CISA SSVC
CVSS vector
The primary mitigation is to upgrade Breakdance to version 1.7.3 or later immediately. If the upgrade cannot be applied right away because of compatibility concerns, deactivate the plugin until it can; note that deactivating a plugin leaves its files under wp-content/plugins, so deleting it is the stronger interim step if you can live without the builder. A web application firewall with a WordPress rule set that blocks code-injection and malicious-upload patterns adds a layer of defense but is not a substitute for the fix. Review web server and WordPress logs for unusual requests to Breakdance endpoints and for new or modified PHP files under wp-content.
Update the Breakdance plugin to the latest available version. If you cannot apply 1.7.3 or later immediately, disable the plugin until you can. Consult the plugin documentation for specific update instructions.
CVE-2024-31390 is a critical remote code execution vulnerability in the Soflyy Breakdance WordPress plugin that lets an attacker execute arbitrary code on the server.
You are affected if you run Breakdance version 1.7.2 or earlier. Check the installed version now (wp plugin list, or the Plugins screen in the WordPress dashboard).
Upgrade the Breakdance plugin to version 1.7.3 or later. If upgrading is not possible right away, deactivate (or remove) the plugin until you can.
No confirmed active exploitation campaign has been reported, but the vulnerability's severity makes it a high-priority patch regardless.
Refer to the Soflyy website and the Breakdance changelog for the latest advisory and update information.