Platform
wordpress
Component
thesis-openhook
Fixed in
4.3.1
CVE-2023-5201 is a critical Remote Code Execution (RCE) vulnerability discovered in the OpenHook WordPress plugin. This vulnerability allows authenticated attackers, even those with subscriber-level permissions, to execute arbitrary code on the server. The issue affects versions of OpenHook up to and including 4.3.0, and a fix is available in version 4.3.1.
The impact of CVE-2023-5201 is severe. An attacker who can successfully exploit this vulnerability gains complete control over the WordPress server. This could lead to data breaches, website defacement, malware installation, and complete compromise of the hosting environment. The requirement for subscriber-level permissions significantly broadens the attack surface, as many WordPress installations have numerous users with this level of access. This vulnerability shares similarities with other shortcode-based RCE vulnerabilities, where improper sanitization allows for code injection.
CVE-2023-5201 was publicly disclosed on September 30, 2023. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. It is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
WordPress websites utilizing the OpenHook plugin, particularly those with multiple users holding subscriber-level permissions, are at significant risk. Shared hosting environments where multiple websites share the same server are also vulnerable, as a compromise of one site could potentially lead to the compromise of others.
• wordpress / composer / npm:
grep -r '\[php\]' /var/www/html/wp-content/plugins/openhook/
• wordpress / composer / npm:
wp plugin list | grep openhook
• wordpress / composer / npm:
wp plugin status openhook
• generic web: Check WordPress access logs for requests containing the [php] shortcode (including its URL-encoded form %5Bphp%5D), especially those originating from unusual IP addresses.
disclosure
Exploit status
EPSS
7.00% (91st percentile)
CVSS vector
The primary mitigation for CVE-2023-5201 is to immediately upgrade the OpenHook plugin to version 4.3.1 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, temporarily disable the [php] shortcode within the plugin's settings. Consider implementing a Web Application Firewall (WAF) rule to block requests containing the [php] shortcode. Monitor WordPress access logs for suspicious activity related to the shortcode, such as unusual parameter values or unexpected file access attempts. After upgrading, confirm the vulnerability is resolved by attempting to execute a benign PHP command through the shortcode and verifying that it is blocked.
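The two defender-side checks above (confirming the installed OpenHook version is below the fixed 4.3.1 release, and scanning access logs for requests carrying the [php] shortcode) as an added example; this is not code from the advisory or from the OpenHook project, the plugin header and log lines are constructed samples, and the advisory does not specify the plugin's main file name.

```python
import re
from urllib.parse import unquote

FIXED_VERSION = (4, 3, 1)  # first release that fixes CVE-2023-5201

# Matches "[php" at the start of a shortcode, case-insensitively and allowing
# whitespace after the bracket; the request is URL-decoded before matching so
# "%5Bphp%5D" is caught as well.
SHORTCODE_RE = re.compile(r"\[\s*php\b", re.IGNORECASE)

def parse_version(version: str) -> tuple:
    """Turn '4.3.0' into (4, 3, 0) so that 4.10.0 compares above 4.3.1."""
    return tuple(int(p) for p in version.strip().split("."))

def plugin_is_vulnerable(plugin_header: str) -> bool:
    """Read the 'Version:' line of a WordPress plugin header (the comment block
    at the top of the plugin's main .php file) and compare it to the fix."""
    m = re.search(r"^\s*\*?\s*Version:\s*([\d.]+)", plugin_header, re.MULTILINE)
    if not m:
        raise ValueError("no Version: line found in plugin header")
    return parse_version(m.group(1)) < FIXED_VERSION

def find_shortcode_requests(log_lines) -> list:
    """Return (client_ip, decoded_request) for combined-format access-log lines
    whose request line carries the [php] shortcode. Only the request line is
    visible here; a shortcode submitted in a POST body needs WAF or request-body
    logging to be seen."""
    hits = []
    for line in log_lines:
        m = re.match(r'(\S+) \S+ \S+ \[[^\]]*\] "([^"]*)"', line)
        if not m:
            continue
        ip, request = m.group(1), unquote(m.group(2))
        if SHORTCODE_RE.search(request):
            hits.append((ip, request))
    return hits

# Constructed sample data (not taken from any real site).
SAMPLE_HEADER = "<?php\n/*\nPlugin Name: OpenHook\nVersion: 4.3.0\n*/\n"
SAMPLE_LOG = [
    '203.0.113.7 - - [30/Sep/2023:10:00:01 +0000] "GET /?s=%5Bphp%5Dtest%5B%2Fphp%5D HTTP/1.1" 200 512',
    '198.51.100.4 - - [30/Sep/2023:10:00:02 +0000] "GET /wp-login.php HTTP/1.1" 200 1024',
    '203.0.113.7 - - [30/Sep/2023:10:00:03 +0000] "POST /wp-comments-post.php HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    print("vulnerable:", plugin_is_vulnerable(SAMPLE_HEADER))
    for ip, req in find_shortcode_requests(SAMPLE_LOG):
        print("shortcode request from", ip, "->", req)
```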
Update the OpenHook plugin to version 4.3.1 or later. That version fixes the Remote Code Execution vulnerability. If updating immediately is not possible, disabling the [php] shortcode also reduces the risk.
CVE-2023-5201 is a critical Remote Code Execution vulnerability in the OpenHook WordPress plugin affecting versions up to 4.3.0. It allows authenticated attackers to execute code on the server via the [php] shortcode.
You are affected if you are using OpenHook WordPress plugin version 4.3.0 or earlier and the [php] shortcode is enabled. Check your plugin version and shortcode settings immediately.
Upgrade the OpenHook plugin to version 4.3.1 or later. If upgrading is not possible, temporarily disable the [php] shortcode within the plugin's settings.
While no confirmed active exploitation campaigns have been reported, the vulnerability's severity and ease of exploitation make it a high-priority target. Exploitation is likely.
Refer to the OpenHook plugin's official website or WordPress plugin repository for the latest advisory and update information: [https://wordpress.org/plugins/openhook/](https://wordpress.org/plugins/openhook/)