Platform: wordpress
Component: wp-query-console
Fixed in: 1.0.1
CVE-2024-50498 describes a Remote Code Execution (RCE) vulnerability within the WP Query Console WordPress plugin. This flaw allows attackers to inject arbitrary code, potentially leading to complete system compromise. The vulnerability impacts versions up to and including 1.0. A fix is pending, and users are advised to implement mitigation strategies until a patch is released.
The impact of this RCE vulnerability is severe. A successful exploit allows an attacker to execute arbitrary code on the affected WordPress server with the privileges of the webserver user. This could lead to complete website takeover, data exfiltration, malware installation, and further lateral movement within the network. Given the plugin's functionality (querying WordPress data), an attacker could leverage this to discover sensitive information about the website's database structure and content, aiding in further attacks. The ease of code injection significantly increases the risk of exploitation.
This vulnerability was publicly disclosed on 2024-10-28. No public proof-of-concept (POC) code has been released at the time of writing, but the RCE nature of the vulnerability makes it a high-priority target for exploitation. The EPSS score is likely to be high due to the ease of exploitation and the potential impact. It is recommended to monitor security advisories and threat intelligence feeds for any signs of active exploitation campaigns.
Websites using the WP Query Console plugin, particularly those running older versions (≤1.0), are at significant risk. Shared hosting environments are especially vulnerable as they often have limited security controls and a higher density of vulnerable plugins. WordPress sites with weak access controls to the plugin's administrative interface are also at increased risk.
• wordpress / composer / npm:
grep -r "eval(base64_decode" /var/www/html/wp-content/plugins/wp-query-console/
• generic web:
curl -I https://your-wordpress-site.com/wp-content/plugins/wp-query-console/ | grep -i 'X-Powered-By'
• wordpress / composer / npm:
wp plugin list | grep "wp-query-console"
Disclosure
Exploit status
EPSS
91.90% (percentile 100%)
CISA SSVC
CVSS vector
Since a patch is not yet available, immediate mitigation steps are crucial. First, disable the WP Query Console plugin if possible. If disabling is not an option, restrict access to the plugin's administrative interface to trusted users only. Implement a Web Application Firewall (WAF) with rules to block suspicious code injection attempts targeting the plugin's endpoints. Regularly monitor server logs for any unusual activity or signs of exploitation. Consider using a security plugin that can scan for and alert on code injection vulnerabilities.
Update the WP Query Console plugin to a version later than 1.0. This fixes the remote code execution vulnerability. If no such version is available, consider uninstalling the plugin until a fixed release is published.
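As an added example (not code from the advisory or the plugin), the check below reads the version declared in the plugin's main PHP file and compares it numerically with the release listed as fixed, 1.0.1, so that 1.0 is reported as affected and 1.0.1 or later is not. The plugin's main filename is not given on the page and is assumed; the header used in the demo is constructed.

```shell
#!/bin/sh
# Added example: decide whether an installed copy of wp-query-console is in the
# affected range (<= 1.0) by reading the "Version:" header WordPress requires in
# the plugin's main PHP file. Assumption: that file lives under
# wp-content/plugins/wp-query-console/; its exact name is not on the page.

FIXED_VERSION="1.0.1"   # release the advisory lists as fixed

# version_lt A B: exit 0 when A < B, comparing dot-separated numeric fields
# (1.0 < 1.0.1, but 1.0.1 is not < 1.0.1); plain string comparison gets this wrong.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".");
        n = (na > nb) ? na : nb;
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0;
            yi = (i <= nb) ? y[i] + 0 : 0;
            if (xi < yi) exit 0;
            if (xi > yi) exit 1;
        }
        exit 1;   # equal, so not less than
    }'
}

# plugin_version FILE: print the value of the first "Version:" header line
plugin_version() {
    sed -n 's/^[[:space:]]*\**[[:space:]]*Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' "$1" | head -n 1
}

# is_vulnerable FILE: exit 0 if the declared version is below FIXED_VERSION,
# 1 if it is fixed, 2 if no header could be read (do not assume "safe" then).
is_vulnerable() {
    v=$(plugin_version "$1")
    [ -n "$v" ] || { echo "no Version header found in $1" >&2; return 2; }
    version_lt "$v" "$FIXED_VERSION"
}

# Constructed sample header standing in for the real plugin file.
SAMPLE=$(mktemp)
printf '<?php\n/**\n * Plugin Name: WP Query Console\n * Version: 1.0\n */\n' > "$SAMPLE"
if is_vulnerable "$SAMPLE"; then
    echo "wp-query-console $(plugin_version "$SAMPLE"): affected, update to $FIXED_VERSION or later"
elif [ $? -eq 1 ]; then
    echo "wp-query-console $(plugin_version "$SAMPLE"): not in the affected range"
else
    echo "wp-query-console: could not read a Version header, check manually"
fi
rm -f "$SAMPLE"
```

Point `is_vulnerable` at the real main plugin file on a server to use it outside the demo.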
CVE-2024-50498 is a critical Remote Code Execution vulnerability in the WP Query Console plugin, allowing attackers to execute arbitrary code on your WordPress server.
You are affected if you are using WP Query Console version 1.0 or earlier. Upgrade as soon as a patch is released.
Currently, a patch is not available. Disable the plugin or restrict access until a fix is released. Implement WAF rules and monitor logs.
While no public exploits are currently available, the vulnerability's severity and ease of exploitation suggest it is likely to be targeted soon.
Check the WP Query Console plugin's official website or WordPress plugin repository for updates and advisories.