WordPress GitSync प्लगइन <= 1.1.0 - CSRF से रिमोट कोड एग्जीक्यूशन भेद्यता

The impact of this RCE vulnerability is severe. An attacker can leverage a CSRF request to inject arbitrary code into the GitSync plugin, effectively gaining complete control over the WordPress site. This could lead to data breaches, website defacement, malware installation, and potential compromise of the entire server infrastructure. The attacker could steal sensitive user data, modify website content, or use the compromised site as a launchpad for further attacks against other systems on the network. Given the plugin's functionality, access to Git repositories could also be compromised.

WordPress sites utilizing the GitSync plugin, particularly those with limited security configurations or shared hosting environments, are at significant risk. Sites with outdated WordPress installations or those lacking robust CSRF protection mechanisms are especially vulnerable. Users who have not recently reviewed plugin permissions or implemented WAF rules are also at increased risk.

• wordpress / composer / npm:

grep -r 'gitSync_update_repo' /var/www/html/wp-content/plugins/

• generic web:

curl -I https://your-wordpress-site.com/wp-content/plugins/gitsync/ | grep -i 'csrf-token'

• wordpress / composer / npm:

wp plugin list --status=all | grep GitSync

1. 2024-12-16Disclosure

   disclosure

1. आरक्षित2024-12-02
2. प्रकाशित2024-12-16
3. EPSS अद्यतन2026-04-02

The primary mitigation for CVE-2024-54368 is to immediately upgrade the GitSync plugin to version 1.1.1 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing a Web Application Firewall (WAF) rule to block suspicious CSRF requests targeting the GitSync plugin's endpoints. Carefully review and restrict user permissions within the WordPress environment to limit the potential impact of a successful attack. Monitor WordPress logs for unusual activity, particularly requests containing potentially malicious code.