Platform: wordpress
Component: bricks
Fixed version: 1.9.7
CVE-2024-2297 is a privilege escalation vulnerability affecting the Bricks WordPress theme. An authenticated attacker with contributor-level access or higher can exploit this flaw to execute arbitrary PHP code with administrator privileges. This vulnerability impacts versions of the Bricks theme up to and including 1.9.6.1, and a patch is available in version 1.9.7.
Successful exploitation of CVE-2024-2297 allows an attacker to gain complete control over a WordPress site. By executing arbitrary PHP code with administrator privileges, an attacker can modify or delete content, install malicious plugins or themes, steal sensitive data (user credentials, database information), and potentially compromise the entire server. The vulnerability's reliance on specific configurations (Builder enabled for posts, Builder access for contributors, and 'Code Execution' enabled for administrators) limits its immediate impact but still presents a significant risk if these settings are in place. This is particularly concerning as many WordPress sites utilize the Bricks theme for its extensive customization options.
CVE-2024-2297 was publicly disclosed on 2025-02-27. Currently, no public proof-of-concept (POC) exploits have been released, but the vulnerability's nature and relatively straightforward exploitation path suggest a high probability of exploitation. It is not currently listed on the CISA KEV catalog. The requirement for specific configurations (Builder enabled, contributor access, code execution enabled) may limit immediate widespread exploitation, but the potential impact warrants immediate attention.
WordPress sites utilizing the Bricks theme, particularly those with contributor-level users granted access to the Builder and administrators who have enabled 'Code Execution' within the Bricks settings, are at significant risk. Shared hosting environments where WordPress installations are managed by the hosting provider are also vulnerable if they haven't applied the update.
• wordpress / composer / npm:
    grep -r 'create_autosave' /var/www/html/wp-content/themes/bricks/
    wp theme list | grep bricks
    wp option get bricks_builder_settings | grep 'enable_builder_for_contributors'
    wp option get bricks_builder_settings | grep 'enable_code_execution'
Note: Bricks is a theme, not a plugin, so it is installed under wp-content/themes/bricks and listed by `wp theme list` rather than `wp plugin list`; adjust the web root if your installation is not under /var/www/html. The option name and setting keys above are as given on this page; confirm them against your own installation's Bricks settings before relying on the grep results.
Disclosure
Exploit status
EPSS
0.19% (41st percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-2297 is to immediately upgrade the Bricks WordPress theme to version 1.9.7 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily disabling the Builder functionality for contributor-level users. Additionally, ensure that 'Code Execution' is disabled for administrator users within the Bricks settings. While not a complete solution, these steps can significantly reduce the attack surface. Monitor WordPress access logs for suspicious activity related to the create_autosave AJAX endpoint. After upgrading, confirm the fix by attempting to trigger the vulnerable AJAX function with a contributor account and verifying that the action is denied.
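The log-monitoring step above, as an added example that is not part of this page or of the Bricks project: a Python script that parses access log lines in the common "combined" format, flags requests to admin-ajax.php whose action parameter names create_autosave, and summarizes them per source address and user agent. The sample log lines, the action value `bricks_create_autosave`, and the assumption that the action is visible in the query string (rather than only in the POST body) are all constructed for illustration; the advisory itself names only the create_autosave endpoint, which is why the match is on that substring rather than an exact action name.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in Apache/nginx "combined" log format (not real traffic).
# ASSUMPTION: the AJAX action name appears in the query string; "bricks_create_autosave"
# is a placeholder built from the endpoint name given in the advisory.
SAMPLE_LOG = """\
203.0.113.7 - - [27/Feb/2025:10:01:02 +0000] "POST /wp-admin/admin-ajax.php?action=bricks_create_autosave HTTP/1.1" 200 512 "https://example.test/?bricks=run" "Mozilla/5.0"
203.0.113.7 - - [27/Feb/2025:10:01:03 +0000] "POST /wp-admin/admin-ajax.php?action=bricks_create_autosave HTTP/1.1" 200 498 "https://example.test/?bricks=run" "Mozilla/5.0"
198.51.100.4 - - [27/Feb/2025:10:02:10 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 120 "-" "Mozilla/5.0"
203.0.113.7 - - [27/Feb/2025:10:02:11 +0000] "POST /wp-admin/admin-ajax.php?action=bricks_create_autosave HTTP/1.1" 200 77 "-" "python-requests/2.31"
192.0.2.9 - - [27/Feb/2025:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 4321 "-" "Mozilla/5.0"
"""

# One regex for the combined format: client IP, timestamp, request line, status, size, referer, UA.
COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)


def parse_line(line):
    """Return a dict for one log line, or None if the line is not in combined format."""
    m = COMBINED_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["query"] = parse_qs(parts.query)
    return rec


def is_autosave_hit(rec):
    """True when the request targets admin-ajax.php and its action mentions create_autosave."""
    if rec is None or not rec["path"].endswith("/wp-admin/admin-ajax.php"):
        return False
    return any("create_autosave" in action for action in rec["query"].get("action", []))


def find_autosave_hits(log_text):
    """All parsed records in log_text that hit the create_autosave AJAX endpoint."""
    return [rec for rec in map(parse_line, log_text.splitlines()) if is_autosave_hit(rec)]


def summarize(hits):
    """Per-source request counts, plus sources whose user agent is not a browser-style UA.

    Builder autosaves normally come from a logged-in browser session, so a scripted
    client (curl, python-requests, ...) hitting this endpoint is worth a closer look.
    """
    per_ip = Counter(h["ip"] for h in hits)
    scripted = sorted({h["ip"] for h in hits if not h["ua"].startswith("Mozilla/")})
    return {"per_ip": dict(per_ip), "scripted_sources": scripted}


if __name__ == "__main__":
    found = find_autosave_hits(SAMPLE_LOG)
    for h in found:
        print(f'{h["ts"]} {h["ip"]} {h["method"]} {h["target"]} {h["status"]} "{h["ua"]}"')
    print(summarize(found))
```

To run this against a real server, replace SAMPLE_LOG with the contents of the site's access log; a high count from one source, or any hit from a non-browser user agent, is the signal to correlate with the WordPress user that was logged in at the time. If your web server does not log the query string, the action is not recoverable from access logs alone and request-body logging at the proxy or a WordPress-side audit log is needed instead.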
Update the Bricks theme to version 1.9.7 or later. This version fixes the privilege escalation vulnerability. Make sure you have a backup of your website before performing the update.
CVE-2024-2297 is a vulnerability in the Bricks WordPress theme allowing authenticated contributors to execute arbitrary PHP code with administrator privileges due to insufficient validation.
You are affected if you are using the Bricks WordPress theme version 1.9.6.1 or earlier, and have enabled Builder access for contributor-level users and 'Code Execution' for administrators.
Upgrade the Bricks WordPress theme to version 1.9.7 or later. Temporarily disable Builder access for contributors and 'Code Execution' for administrators as a workaround.
While no public exploits are currently available, the vulnerability's nature suggests a high probability of exploitation.
Refer to the official Bricks WordPress website and their changelog for updates and security advisories related to CVE-2024-2297.