Platform
wordpress
Component
advanced-access-manager
Fixed in
5.9.9
CVE-2019-25213 is an unauthenticated Arbitrary File Read vulnerability affecting the Advanced Access Manager plugin for WordPress. This vulnerability allows attackers to read any file on the server, potentially exposing sensitive information like database credentials. It impacts versions of the plugin up to and including 5.9.8.1; a fix is available in version 5.9.9.
The primary impact of CVE-2019-25213 is the potential for unauthorized access to sensitive files on the web server. An attacker can exploit this vulnerability by crafting a request that abuses the aam-media parameter, whose value is not properly validated by the plugin. Successful exploitation allows the attacker to read any file accessible to the web server process, including the wp-config.php file, which contains database credentials, API keys, and other critical configuration data. Compromise of wp-config.php could lead to complete website takeover, data breaches, and further malicious activity. This vulnerability is particularly concerning because it requires no authentication, making it easily exploitable by a wide range of attackers.
CVE-2019-25213 was publicly disclosed on 2019-12-16. While no active exploitation campaigns have been definitively linked to this specific CVE, the ease of exploitation and the potential for significant impact make it a persistent risk. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are readily available, increasing the likelihood of opportunistic attacks.
WordPress websites utilizing the Advanced Access Manager plugin, particularly those running versions prior to 5.9.9, are at significant risk. Shared hosting environments are especially vulnerable as they often have limited control over server file permissions and plugin updates. Websites with legacy configurations or those that haven't implemented robust security practices are also more susceptible to exploitation.
• wordpress / composer / npm:
grep -r 'aam-media' /var/www/html/wp-content/plugins/
• generic web:
curl -I 'http://your-wordpress-site.com/wp-content/plugins/advanced-access-manager/aam-media?aam-media=../../../../wp-config.php'
• wordpress / composer / npm:
wp plugin list | grep 'Advanced Access Manager'
• wordpress / composer / npm:
find /var/www/html/wp-content/plugins/ -name 'advanced-access-manager.php' -print
Disclosure
public report
Exploit Status
EPSS
46.13% (98th percentile)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2019-25213 is to immediately upgrade the Advanced Access Manager plugin to version 5.9.9 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing a temporary workaround by restricting access to the vulnerable endpoint using a web application firewall (WAF) or proxy server. Specifically, block requests to the aam-media parameter with invalid or unexpected values. Regularly review file permissions on the server to ensure that sensitive files are not accessible by the web server process. After upgrading, confirm the fix by attempting to access the vulnerable endpoint with a crafted request; the server should return an error indicating access is denied.
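The two pieces of defensive logic that the mitigation above calls for, as an added example that is not the plugin's own code nor part of this advisory: a path check of the kind that prevents a media parameter such as aam-media from escaping its media root, and a scanner that flags traversal attempts against that parameter in access-log lines (the media root path and the log lines are constructed for illustration).

```python
import os
import re
from urllib.parse import unquote, urlsplit, parse_qs

def resolve_media_path(value: str, base_dir: str):
    """Return the absolute path for a user-supplied media reference, or None
    if it would escape base_dir (assumed media root). Decoding happens
    before the check so %2e%2e%2f cannot slip past a naive '..' filter."""
    decoded = unquote(unquote(value))          # also catches double encoding
    if "\x00" in decoded or os.path.isabs(decoded):
        return None
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, decoded))
    # commonpath rejects anything that normalises to outside the media root;
    # the root itself is not a servable file either
    if candidate == base or os.path.commonpath([base, candidate]) != base:
        return None
    return candidate

TRAVERSAL = re.compile(r"(\.\./|\.\.\\|%2e%2e|%252e)", re.IGNORECASE)
LOG_LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (\S+)')

def flag_traversal_requests(log_lines):
    """Return (client_ip, decoded aam-media value) for requests whose
    aam-media parameter carries a traversal sequence. Expects Combined Log
    Format; parse_qs already percent-decodes the value once."""
    hits = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        ip, target = m.groups()
        params = parse_qs(urlsplit(target).query, keep_blank_values=True)
        for value in params.get("aam-media", []):
            if TRAVERSAL.search(value) or TRAVERSAL.search(unquote(value)):
                hits.append((ip, unquote(value)))
    return hits

# Constructed sample log lines (not from a real server).
SAMPLE_LOG = [
    '203.0.113.7 - - [16/Dec/2019:10:01:02 +0000] "GET /wp-content/plugins/advanced-access-manager/aam-media?aam-media=../../../../wp-config.php HTTP/1.1" 200 512',
    '198.51.100.9 - - [16/Dec/2019:10:01:05 +0000] "GET /?aam-media=2019/12/logo.png HTTP/1.1" 200 9000',
    '203.0.113.7 - - [16/Dec/2019:10:01:09 +0000] "GET /?aam-media=%2e%2e%2f%2e%2e%2fwp-config.php HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for ip, value in flag_traversal_requests(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: aam-media={value!r}")
```

Both functions are independent of WordPress, so the scanner can be run over an existing access log and the path check dropped into any file-serving handler that takes a relative media reference.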
Update the Advanced Access Manager plugin to version 5.9.9 or higher. This version contains the security fix that prevents arbitrary file reads. The update can be performed directly from the WordPress admin panel.
CVE-2019-25213 is a critical vulnerability in the Advanced Access Manager WordPress plugin allowing unauthenticated attackers to read any file on the server, including sensitive configuration files.
You are affected if you are using Advanced Access Manager version 5.9.9 or earlier. Immediately check your plugin version and upgrade if necessary.
Upgrade the Advanced Access Manager plugin to version 5.9.9 or later. As a temporary workaround, restrict access to the vulnerable endpoint using a WAF or proxy server.
While no confirmed active campaigns are publicly known, the ease of exploitation and availability of PoCs suggest a risk of opportunistic attacks.
Refer to the Advanced Access Manager plugin documentation and website for the latest security advisories and updates: https://advancedaccessmanager.com/