Platform
wordpress
Component
bit-form
Fixed in
2.13.10
CVE-2024-7777 describes an arbitrary file access vulnerability discovered in the Contact Form by Bit Form WordPress plugins, including Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder. This flaw allows authenticated administrators to read and delete arbitrary files on the server, posing a significant risk of remote code execution. The vulnerability impacts versions 2.0 through 2.13.9, and a patch is expected from the vendor.
The primary impact of CVE-2024-7777 is the ability for an authenticated administrator to read and delete any file accessible by the webserver. This is particularly concerning because deleting the wp-config.php file would effectively disable the WordPress site, potentially allowing an attacker to inject malicious code or gain control of the server. Successful exploitation could lead to complete compromise of the WordPress installation, including data exfiltration, website defacement, and further attacks against the underlying server infrastructure. The ease of exploitation, combined with the critical nature of WordPress sites, makes this a high-priority vulnerability.
CVE-2024-7777 has been publicly disclosed and is considered a high-risk vulnerability due to its ease of exploitation and potential impact. While no active exploitation campaigns have been definitively confirmed at the time of writing, the availability of the vulnerability details increases the likelihood of exploitation. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge shortly.
Affected are WordPress websites using the Contact Form by Bit Form plugins, particularly those with administrator-level accounts that attackers may target. Shared hosting environments are at increased risk, as they often have limited control over server file permissions and security configurations. Websites relying on older, unpatched versions of the plugin are especially vulnerable.
• wordpress / composer / npm:
grep -r "wp_delete_file" /var/www/html/wp-content/plugins/contact-form-by-bit-form/*
• wordpress / composer / npm:
wp plugin list --status=all | grep "contact-form-by-bit-form"
• wordpress / composer / npm:
wp plugin update contact-form-by-bit-form
• generic web: Check the WordPress plugin directory for updates and security advisories.
• generic web: Review WordPress server logs for unusual file access patterns, particularly attempts to access sensitive files like wp-config.php.
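As an added check that is not part of this advisory or of the Bit Form project, the following POSIX shell script tests an installed copy of the plugin against the affected range 2.0 through 2.13.9 by parsing the standard WordPress "Version:" plugin header. The plugin slug contact-form-by-bit-form and the /var/www/html path are taken from the commands above; the directory layout and header format are assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory or the Bit Form project).
# Flags an installed contact-form-by-bit-form plugin whose version is in
# the CVE-2024-7777 range 2.0 <= v < 2.13.10 (2.13.10 is the fixed release).

# Print -1, 0 or 1 as dotted version $1 is <, = or > $2 (pure sh, no sort -V).
version_cmp() {
    a="$1." b="$2."
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; a=${a#*.}
        y=${b%%.*}; b=${b#*.}
        x=${x%%[!0-9]*}; y=${y%%[!0-9]*}   # keep only the leading digits
        if [ "${x:-0}" -lt "${y:-0}" ]; then printf '%s\n' -1; return; fi
        if [ "${x:-0}" -gt "${y:-0}" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# Succeed (exit 0) when the version lies in the affected range.
is_vulnerable_version() {
    [ "$(version_cmp "$1" 2.0)" -ge 0 ] && [ "$(version_cmp "$1" 2.13.10)" -lt 0 ]
}

# Extract the "Version:" header value from a plugin's main PHP file.
plugin_version() {
    sed -n 's/^[[:space:]]*\*\{0,1\}[[:space:]]*Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' "$1" | head -n1
}

# Locate the file carrying "Plugin Name:" in a plugin directory and check it.
# Returns 0 = vulnerable, 1 = patched/out of range, 2 = could not determine.
check_plugin_dir() {
    dir="$1"
    main=$(grep -l 'Plugin Name:' "$dir"/*.php 2>/dev/null | head -n1)
    [ -n "$main" ] || { echo "no plugin header found in $dir"; return 2; }
    ver=$(plugin_version "$main")
    [ -n "$ver" ] || { echo "no Version header in $main"; return 2; }
    if is_vulnerable_version "$ver"; then
        echo "VULNERABLE: $dir version $ver (CVE-2024-7777, upgrade to 2.13.10 or later)"
        return 0
    fi
    echo "ok: $dir version $ver"
    return 1
}

# Stand-alone usage: sh check_bitform.sh /var/www/html
if [ $# -gt 0 ]; then
    check_plugin_dir "$1/wp-content/plugins/contact-form-by-bit-form"
    exit $?
fi
```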
disclosure
Exploit status
EPSS
4.03% (percentile 88%)
CISA SSVC
CVSS vector
The immediate mitigation for CVE-2024-7777 is to upgrade the Contact Form by Bit Form plugins to a patched version as soon as it becomes available. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider restricting file permissions on the WordPress server to minimize the potential impact of a successful attack. Implement a Web Application Firewall (WAF) with rules to block suspicious file access attempts. Monitor WordPress logs for unusual file access patterns and unauthorized file deletions. After upgrading, verify the fix by attempting to access a sensitive file (e.g., through a crafted URL) and confirming that access is denied.
Update the Contact Form by Bit Form plugin to the latest available version. This fixes the arbitrary file read and deletion vulnerability.
CVE-2024-7777 is a critical vulnerability allowing authenticated administrators to read and delete files on WordPress servers using the Contact Form by Bit Form plugins, potentially leading to remote code execution.
You are affected if your WordPress site uses the Contact Form by Bit Form plugins in versions 2.0 through 2.13.9. Check your plugin versions immediately.
Upgrade the Contact Form by Bit Form plugins to the latest available version as soon as possible. If upgrading is not immediately possible, implement temporary mitigation measures like restricting file permissions and using a WAF.
While no active exploitation campaigns have been definitively confirmed, the vulnerability is publicly disclosed and poses a significant risk of exploitation.
Check the official Contact Form by Bit Form website and WordPress plugin repository for security advisories and updates related to CVE-2024-7777.