The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'table_prefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parame
wordt vertaald…Platform
wordpress
Component
wpvivid-backuprestore
Opgelost in
0.9.69
CVE-2024-1981 is a critical SQL Injection vulnerability affecting the Migration, Backup, Staging – WPvivid plugin for WordPress. This vulnerability allows unauthenticated attackers to inject malicious SQL queries, potentially leading to data exfiltration. It impacts versions 0.9.68. A patch is expected from the vendor; implement temporary mitigations until the update is available.
Detecteer deze CVE in je project
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.
Impact en Aanvalsscenarioswordt vertaald…
The SQL Injection vulnerability in WPvivid allows attackers to manipulate database queries through the 'table_prefix' parameter. Successful exploitation could enable attackers to extract sensitive information such as usernames, passwords, customer data, and other confidential information stored within the WordPress database. Depending on the database structure and permissions, an attacker might even be able to modify or delete data, leading to a complete compromise of the WordPress site. This vulnerability is particularly concerning given the plugin's function of managing backups and migrations, which often contain highly sensitive data.
Uitbuitingscontextwordt vertaald…
CVE-2024-1981 was publicly disclosed on 2024-02-29. Public proof-of-concept exploits are likely to emerge quickly given the ease of exploitation associated with SQL Injection vulnerabilities. The CVSS score of 9.8 (CRITICAL) indicates a high probability of exploitation. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting this vulnerability.
Wie Loopt Risicowordt vertaald…
WordPress websites utilizing the WPvivid plugin, particularly those handling sensitive customer data or financial information, are at significant risk. Shared hosting environments where multiple WordPress sites share a database are especially vulnerable, as a compromise of one site could potentially expose data from others.
Detectiestappenwordt vertaald…
• wordpress / composer / npm:
grep -r "table_prefix" /var/www/html/wp-content/plugins/wpvivid/• generic web:
curl -I https://your-wordpress-site.com/wp-content/plugins/wpvivid/ | grep Server• wordpress / composer / npm:
wp plugin list | grep wpvivid• wordpress / composer / npm:
wp plugin status wpvividAanvalstijdlijn
- Disclosure
disclosure
Dreigingsinformatie
Exploit Status
EPSS
2.58% (85% percentiel)
CVSS-vector
Wat betekenen deze metrics?
- Attack Vector
- Netwerk — op afstand uitbuitbaar via internet. Geen fysieke of lokale toegang vereist.
- Attack Complexity
- Laag — geen speciale voorwaarden vereist. Betrouwbaar uitbuitbaar.
- Privileges Required
- Geen — geen authenticatie vereist om te exploiteren.
- User Interaction
- Geen — automatische en stille aanval. Slachtoffer doet niets.
- Scope
- Ongewijzigd — impact beperkt tot het kwetsbare component.
- Confidentiality
- Hoog — volledig verlies van vertrouwelijkheid. Aanvaller kan alle gegevens lezen.
- Integrity
- Hoog — aanvaller kan alle gegevens schrijven, aanpassen of verwijderen.
- Availability
- Hoog — volledige crash of uitputting van resources. Totale denial of service.
Getroffen Software
Pakketinformatie
- Actieve installaties
- 900KBekend
- Plugin-beoordeling
- 4.9
- Vereist WordPress
- 4.5+
- Compatibel tot
- 6.9.4
- Vereist PHP
- 5.3+
Zwakheidsclassificatie (CWE)
Tijdlijn
- Gereserveerd
- Gepubliceerd
- Gewijzigd
- EPSS bijgewerkt
Mitigatie en Workaroundswordt vertaald…
The primary mitigation is to immediately upgrade the WPvivid plugin to a patched version as soon as it becomes available. Until the patch is deployed, consider implementing temporary workarounds. Restrict access to the plugin's administrative interface to authorized personnel only. Implement a Web Application Firewall (WAF) with SQL Injection protection rules to filter potentially malicious requests. Regularly review WordPress database access logs for suspicious activity. While a direct detection signature is difficult, monitor database logs for unusual SQL queries originating from the plugin’s directory.
Hoe te verhelpenwordt vertaald…
Actualice el plugin Migration, Backup, Staging – WPvivid a la última versión disponible. La vulnerabilidad de inyección SQL en el parámetro 'table_prefix' ha sido corregida en versiones posteriores a la 0.9.68.
CVE Beveiligingsnieuwsbrief
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
Veelgestelde vragenwordt vertaald…
What is CVE-2024-1981 — SQL Injection in WPvivid WordPress Plugin?
CVE-2024-1981 is a critical SQL Injection vulnerability in the WPvivid WordPress plugin, allowing attackers to extract sensitive data from the database through the 'table_prefix' parameter.
Am I affected by CVE-2024-1981 in WPvivid WordPress Plugin?
If you are using WPvivid version 0.9.68, you are vulnerable. Check your plugin version and upgrade immediately.
How do I fix CVE-2024-1981 in WPvivid WordPress Plugin?
Upgrade to the latest version of the WPvivid plugin as soon as a patch is released by the vendor. Until then, implement temporary mitigations like WAF rules and access restrictions.
Is CVE-2024-1981 being actively exploited?
Given the critical severity and ease of exploitation, it is highly probable that CVE-2024-1981 is already being targeted by attackers. Monitor your systems closely.
Where can I find the official WPvivid advisory for CVE-2024-1981?
Check the WPvivid plugin website and WordPress.org plugin repository for the official security advisory and patch information.
Is jouw project getroffen?
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.