Plateforme
wordpress
Composant
js-support-ticket
Corrigé dans
2.8.7
CVE-2024-7094 is a critical Remote Code Execution (RCE) vulnerability discovered in the JS Help Desk – The Ultimate Help Desk & Support Plugin for WordPress. This flaw allows unauthenticated attackers to execute arbitrary code on the server due to insufficient input sanitization within the 'storeTheme' function. Versions of the plugin up to and including 2.8.6 are affected, and a full fix is available in version 2.8.7.
The impact of CVE-2024-7094 is severe. Successful exploitation allows an attacker to execute arbitrary PHP code on the web server hosting the WordPress site. This can lead to complete server compromise, including data theft, modification, or deletion. Attackers could also leverage this access to install malware, create backdoors for persistent access, or launch further attacks against other systems on the network. The lack of authentication requirements significantly broadens the attack surface, making it accessible to a wide range of malicious actors.
CVE-2024-7094 was publicly disclosed on August 13, 2024. While no active exploitation campaigns have been definitively confirmed, the CRITICAL severity and ease of exploitation suggest a high likelihood of exploitation attempts. Public proof-of-concept code is likely to emerge, further increasing the risk. This vulnerability is not currently listed on the CISA KEV catalog.
WordPress websites using the JS Help Desk plugin, particularly those running versions prior to 2.8.7, are at significant risk. Shared hosting environments are especially vulnerable, as a compromise of one site can potentially impact others on the same server. Sites with weak WordPress security configurations or those lacking regular plugin updates are also at increased risk.
• wordpress / composer / npm:
grep -r 'storeTheme' /var/www/html/wp-content/plugins/js-help-desk/• wordpress / composer / npm:
wp plugin list --status=all | grep 'JS Help Desk'• wordpress / composer / npm:
wp plugin update js-help-desk• generic web: Check WordPress plugin directory for updates and security advisories related to JS Help Desk.
disclosure
Statut de l'Exploit
EPSS
71.96% (percentile 99%)
CISA SSVC
Vecteur CVSS
The primary mitigation for CVE-2024-7094 is to immediately upgrade the JS Help Desk plugin to version 2.8.7 or later. If upgrading is not immediately feasible, consider implementing a temporary workaround by restricting access to the 'storeTheme' function. This could involve modifying the plugin's code (with caution and thorough testing) or using a WordPress security plugin to block access to the vulnerable endpoint. Monitor WordPress access logs for suspicious activity related to the 'storeTheme' function. After upgrading, confirm the fix by attempting to trigger the vulnerability via a controlled test – ensure no code execution occurs.
Mettez à jour le plugin JS Help Desk – The Ultimate Help Desk & Support Plugin à la version 2.8.7 ou supérieure. Cette version corrige la vulnérabilité d'injection de code PHP qui permet l'exécution de code à distance.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2024-7094 is a critical Remote Code Execution vulnerability in the JS Help Desk WordPress plugin, allowing attackers to execute code on the server if you're using versions up to 2.8.6.
Yes, if you are using the JS Help Desk plugin version 2.8.6 or earlier, you are vulnerable to this RCE vulnerability. Upgrade immediately.
Upgrade the JS Help Desk plugin to version 2.8.7 or later to resolve this vulnerability. If immediate upgrade isn't possible, consider temporary workarounds like restricting access to the 'storeTheme' function.
While no confirmed active exploitation campaigns have been reported, the CRITICAL severity and ease of exploitation suggest a high likelihood of exploitation attempts.
Refer to the JS Help Desk plugin's official website and WordPress plugin repository for the latest security advisory and update information.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.