Platform
wordpress
Component
flashnews-fading-effect-pearlbells
Fixed in
4.1.1
CVE-2024-56012 describes a Cross-Site Request Forgery (CSRF) vulnerability affecting Pearlbells Flash News / Post (Responsive) and Pearlbells Post Title (TypeWriter) WordPress plugins. This vulnerability allows an attacker to perform unauthorized actions on a user's account without their knowledge. Versions of the plugins up to and including 4.1 are affected, and a patch is available in version 4.1.1.
The CSRF vulnerability allows an attacker to trick a legitimate user into unknowingly executing malicious actions on a WordPress site. For example, an attacker could craft a malicious link or embed it in a website that, when clicked by an authenticated user, could modify plugin settings, create or delete posts, or perform other administrative actions. This could lead to unauthorized content publication, website defacement, or even complete compromise of the WordPress installation, depending on the permissions associated with the affected user. The CRITICAL CVSS score reflects the ease of exploitation and the potential for significant impact.
This vulnerability was publicly disclosed on December 16, 2024. There is currently no indication of active exploitation in the wild, but the ease of exploitation and the CRITICAL severity rating warrant immediate attention. No Proof of Concept (PoC) code has been publicly released as of this writing. It is not listed on the CISA KEV catalog.
WordPress websites utilizing Pearlbells Flash News / Post (Responsive) or Pearlbells Post Title (TypeWriter) plugins, particularly those running older versions (≤4.1), are at significant risk. Shared hosting environments where plugin updates are not managed centrally are especially vulnerable, as are sites with administrative users who frequently click on links from untrusted sources.
• wordpress / composer / npm:
grep -r 'pearlbells_flash_news' /var/www/html/wp-content/plugins/
wp plugin list | grep pearlbells
• generic web:
curl -I 'https://your-wordpress-site.com/wp-admin/admin-ajax.php?action=pearlbells_flash_news_save_settings&nonce=malicious_nonce'
Exploit status
EPSS
0.13% (32nd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-56012 is to immediately upgrade Pearlbells Flash News / Post (Responsive) and Pearlbells Post Title (TypeWriter) plugins to version 4.1.1 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to filter out suspicious requests containing CSRF tokens. WordPress plugins like Wordfence can help with this. Additionally, ensure users are educated about the risks of clicking on untrusted links and entering credentials on unfamiliar websites. After upgrading, verify the fix by attempting to trigger a plugin action via a crafted CSRF request and confirming that it fails.
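The root cause of a CSRF flaw in a WordPress plugin is a state-changing handler that accepts any POST from a logged-in user without proving the request came from the plugin's own form. The following is an added illustration, not code from the Pearlbells plugins and not the fix shipped in 4.1.1: every name prefixed `pb_` (handlers, option keys, nonce action, settings page slug) is hypothetical, while the WordPress APIs used (`wp_nonce_field`, `check_admin_referer`, `check_ajax_referer`, `current_user_can`, `sanitize_text_field`, `update_option`) are real. It shows the unprotected pattern beside the hardened one, and the hardened handler is also what the post-upgrade verification step above relies on: a request without a valid nonce is rejected before anything is written.

```php
<?php
// Added example, not the plugin's own code. All "pb_" names are hypothetical.

// --- Unprotected pattern: the handler trusts any POST that reaches it. ---
// Because admin-post.php runs for any logged-in user, a form auto-submitted
// from another site while an admin is logged in would execute this unchanged.
function pb_save_settings_unprotected() {
    $text = isset( $_POST['pb_news_text'] ) ? $_POST['pb_news_text'] : '';
    update_option( 'pb_news_text', $text );   // no capability check, no nonce, no sanitisation
    wp_safe_redirect( admin_url( 'options-general.php?page=pb-settings' ) );
    exit;
}

// --- Hardened pattern: the form carries a nonce and the handler verifies it. ---
function pb_render_settings_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="pb_save_settings">
        <?php wp_nonce_field( 'pb_save_settings', 'pb_nonce' ); // emits pb_nonce + _wp_http_referer ?>
        <input type="text" name="pb_news_text"
               value="<?php echo esc_attr( get_option( 'pb_news_text', '' ) ); ?>">
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}

function pb_save_settings_protected() {
    // 1. Capability: only users who may manage options can change settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }

    // 2. Nonce: tied to this action and to the current user's session, so a
    //    cross-site form cannot know it. check_admin_referer() calls wp_die()
    //    on a missing or stale nonce, so nothing below runs in that case.
    check_admin_referer( 'pb_save_settings', 'pb_nonce' );

    // 3. Input handling: unslash and sanitise before persisting.
    $text = isset( $_POST['pb_news_text'] )
        ? sanitize_text_field( wp_unslash( $_POST['pb_news_text'] ) )
        : '';
    update_option( 'pb_news_text', $text );

    wp_safe_redirect( add_query_arg( 'updated', '1', admin_url( 'options-general.php?page=pb-settings' ) ) );
    exit;
}

// AJAX variant for admin-ajax.php: check_ajax_referer() reads the nonce from
// $_REQUEST['nonce'] and, by default, dies with a 403 when it does not verify.
function pb_ajax_save_settings() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    check_ajax_referer( 'pb_save_settings', 'nonce' );

    $text = isset( $_POST['pb_news_text'] )
        ? sanitize_text_field( wp_unslash( $_POST['pb_news_text'] ) )
        : '';
    update_option( 'pb_news_text', $text );
    wp_send_json_success( array( 'saved' => $text ) );
}

// Register only the hardened handlers. The admin_post_{action} and
// wp_ajax_{action} hooks fire for logged-in users; the nonce is what proves
// the request originated from the plugin's own page rather than a third-party site.
add_action( 'admin_post_pb_save_settings', 'pb_save_settings_protected' );
add_action( 'wp_ajax_pb_save_settings', 'pb_ajax_save_settings' );
```

The capability check and the nonce check are deliberately separate: `current_user_can()` answers "is this user allowed to do this?", while the nonce answers "did this user intend to do it from our form?". A handler needs both, since a nonce alone would still let a low-privilege user who can obtain one change admin-only settings, and a capability check alone is exactly the gap CSRF exploits.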
Update the Flash News / Post (Responsive) plugin to a version later than 4.1. If no such version is available, consider disabling or removing the plugin until an update that fixes the CSRF vulnerability is released. This prevents attackers from exploiting the vulnerability to escalate privileges.
CVE-2024-56012 is a critical Cross-Site Request Forgery (CSRF) vulnerability affecting Pearlbells Flash News / Post (Responsive) and Post Title (TypeWriter) WordPress plugins, allowing attackers to perform unauthorized actions.
Yes, if you are using Pearlbells Flash News / Post (Responsive) or Post Title (TypeWriter) versions 4.1 or earlier, you are vulnerable to this CSRF attack.
Upgrade Pearlbells Flash News / Post (Responsive) and Post Title (TypeWriter) plugins to version 4.1.1 or later to resolve the vulnerability. Consider WAF rules as a temporary mitigation.
There is currently no confirmed active exploitation of CVE-2024-56012, but the CRITICAL severity warrants immediate patching.
Please refer to the Pearlbells website or WordPress plugin repository for the latest advisory and update information regarding CVE-2024-56012.