Platform: wordpress
Component: ads-by-datafeedrcom
Fixed in: 1.1.4
CVE-2023-5843 is a critical Remote Code Execution (RCE) vulnerability discovered in the Ads by datafeedr.com WordPress plugin. This flaw allows unauthenticated attackers to execute code on the server, potentially leading to complete system compromise. The vulnerability affects versions up to and including 1.1.3. A patch is available, and immediate action is recommended.
The impact of CVE-2023-5843 is severe. Successful exploitation allows an attacker to execute arbitrary code on the web server hosting the WordPress site. This could lead to complete website takeover, data theft (including sensitive user information stored in the WordPress database), defacement, and the installation of malware. Given the plugin's function (displaying ads), attackers could also inject malicious advertisements to redirect users to phishing sites or distribute malware. The lack of authentication required for exploitation significantly broadens the attack surface, making it accessible to a wide range of threat actors.
CVE-2023-5843 was publicly disclosed on 2023-10-30. While no active exploitation campaigns have been definitively confirmed, the ease of exploitation and the plugin's popularity suggest a high likelihood of exploitation attempts. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept (PoC) code is likely to emerge, further increasing the risk.
Websites running the Ads by datafeedr.com plugin on an unpatched release (1.1.3 or earlier) are at significant risk. Shared hosting deserves extra attention: code execution inside one site's PHP process can reach neighbouring tenants unless the host isolates accounts, so a single vulnerable install can expose several sites. An installed but inactive copy is not reachable through admin-ajax.php, because WordPress registers hooks only for active plugins, but it should still be updated so that reactivating it later does not reintroduce the flaw.
• wordpress / composer / npm:
grep -r 'dfads_ajax_load_ads' /var/www/html/wp-content/plugins/datafeedr-ads/
• generic web:
curl -I https://your-wordpress-site.com/wp-admin/admin-ajax.php?action=dfads_ajax_load_ads
• wordpress / composer / npm:
wp plugin list | grep datafeedr-ads
The grep and the curl probe only establish that the plugin and its AJAX action are present: the function name is unchanged in patched releases, and WordPress answers admin-ajax.php with HTTP 400 and the body 0 only when no handler is registered for the requested action, so any other response means the handler is hooked, not that it is vulnerable. The installed version is what matters; wp plugin get datafeedr-ads --field=version prints it directly, and anything below 1.1.4 is affected.
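The checks above establish presence, not patch level. The script below is an added example (not code from this page or from the plugin) that reads the Version: header WordPress itself uses and compares it numerically against the fixed release, so 1.1.10 is not mistaken for a vulnerable version by a string comparison. The directory name datafeedr-ads comes from the page; the file name datafeedr-ads.php and the sample header contents are assumptions made for the demo.

```python
"""Decide whether an installed copy of Ads by datafeedr.com is still on a
vulnerable release (<= 1.1.3 for CVE-2023-5843).

Added example, not code from the page or from the plugin. A grep for
dfads_ajax_load_ads only proves the plugin is present; the Version: line in
the plugin header is what separates <= 1.1.3 from 1.1.4 and later. The
directory name datafeedr-ads is taken from the page; the file name
datafeedr-ads.php and the header text below are assumptions for the demo."""
import re
import tempfile
from pathlib import Path
from typing import Optional

FIXED_VERSION = "1.1.4"      # fixed-in version stated in the advisory
PLUGIN_SLUG = "datafeedr-ads"

# WordPress locates headers with a pattern of the form ^[ \t/*#@]*Version:(.*)$,
# so this accepts both "Version: x" and " * Version: x" comment styles.
HEADER_RE = re.compile(r"^[ \t/*#@]*Version:[ \t]*(.+?)[ \t]*$",
                       re.MULTILINE | re.IGNORECASE)


def parse_version(version: str) -> tuple:
    """'1.1.10' -> (1, 1, 10): compare numerically, so 1.1.10 > 1.1.4."""
    parts = []
    for piece in version.strip().split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def plugin_header_version(php_source: str) -> Optional[str]:
    """Return the Version: value from a plugin's main PHP file, or None."""
    m = HEADER_RE.search(php_source)
    return m.group(1) if m else None


def is_vulnerable(version: str) -> bool:
    """True for every release older than the fixed one, i.e. <= 1.1.3."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def assess_plugin(plugins_dir: Path) -> dict:
    """Inspect <plugins_dir>/datafeedr-ads/*.php and report install state,
    version and whether the installed release is vulnerable."""
    plugin_dir = plugins_dir / PLUGIN_SLUG
    if not plugin_dir.is_dir():
        return {"installed": False, "version": None, "vulnerable": False}
    for php in sorted(plugin_dir.glob("*.php")):
        version = plugin_header_version(php.read_text(errors="replace"))
        if version:
            return {"installed": True, "version": version,
                    "vulnerable": is_vulnerable(version)}
    # No header found: flag for manual review rather than silently passing.
    return {"installed": True, "version": None, "vulnerable": None}


# Constructed sample of a plugin main file on the last vulnerable release.
SAMPLE_PLUGIN_FILE = """<?php
/*
Plugin Name: Ads by datafeedr.com
Version: 1.1.3
*/
"""


def demo_assessment() -> dict:
    """Build a throwaway wp-content/plugins tree holding the sample file and assess it."""
    with tempfile.TemporaryDirectory() as tmp:
        plugins = Path(tmp) / "wp-content" / "plugins"
        (plugins / PLUGIN_SLUG).mkdir(parents=True)
        (plugins / PLUGIN_SLUG / "datafeedr-ads.php").write_text(SAMPLE_PLUGIN_FILE)
        return assess_plugin(plugins)


if __name__ == "__main__":
    print(demo_assessment())
    # On a real host: print(assess_plugin(Path("/var/www/html/wp-content/plugins")))
```

Run it as-is to see the assessment of the constructed 1.1.3 sample, or point assess_plugin at the real wp-content/plugins directory; a result of vulnerable: None means the header could not be read and the version should be confirmed by hand.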
Exploit Status
EPSS: 9.14% (93rd percentile)
CVSS vector
The primary mitigation for CVE-2023-5843 is to upgrade the Ads by datafeedr.com plugin to 1.1.4 or later immediately. If upgrading is not feasible right away because of compatibility concerns, deactivate the plugin until it can be updated; an inactive plugin's AJAX handlers are not registered. A web application firewall can be configured to block requests to wp-admin/admin-ajax.php whose action parameter is dfads_ajax_load_ads. Because admin-ajax.php reads the action from $_REQUEST, the rule must inspect both the query string and the POST body; a rule that matches only the query string is bypassed by sending the action in a form-encoded POST. Monitor web-server access logs for requests to this action, in particular bursts from unfamiliar IP addresses or from clients that send no Referer from your own site, keeping in mind that those headers are attacker-controlled. Review WordPress user permissions to ensure least-privilege access.
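The two stopgap controls described above, the WAF rule and the log review, as runnable logic. This is an added example, not code from the page or from the plugin: should_block() is the decision a WAF rule has to make for the vulnerable action, covering both the query string and a POST body; scan_access_log() runs the equivalent check over combined-format access-log lines, and suspicious_sources() ranks callers by whether they sent a Referer from the site. The action name and the admin-ajax.php endpoint come from the advisory; the log lines, the IP addresses and the site name example.com are constructed for the demo.

```python
"""WAF decision and access-log detection for requests to the vulnerable
dfads_ajax_load_ads action (CVE-2023-5843).

Added example, not code from the page or from the plugin. should_block() is
the decision a WAF rule needs to make; scan_access_log() runs the equivalent
check over web-server access-log lines and suspicious_sources() ranks the
callers. The action name and the admin-ajax.php endpoint are from the
advisory; the log lines, IP addresses and the site name example.com are
constructed for the demo."""
import re
from collections import Counter
from typing import Iterable, Optional
from urllib.parse import parse_qs, urlsplit

VULN_ACTION = "dfads_ajax_load_ads"
AJAX_PATH = "/wp-admin/admin-ajax.php"

# Apache/nginx "combined" format:
# ip ident user [time] "METHOD target HTTP/x" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)


def targets_vuln_action(path: str, query: str, body: str = "") -> bool:
    """admin-ajax.php takes the action from $_REQUEST, so a GET query string and
    a form-encoded POST body are both ways to reach the handler."""
    if not path.endswith(AJAX_PATH):
        return False
    for params in (parse_qs(query), parse_qs(body)):
        if VULN_ACTION in params.get("action", []):
            return True
    return False


def should_block(url: str, body: str = "") -> bool:
    """WAF rule: True when the request would reach the vulnerable handler.
    The body is always checked: a rule that only inspects the query string
    is bypassed by putting action=... in a POST body instead."""
    parts = urlsplit(url)
    return targets_vuln_action(parts.path, parts.query, body)


def parse_line(line: str) -> Optional[dict]:
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"], rec["query"] = parts.path, parts.query
    return rec


def scan_access_log(lines: Iterable[str]) -> list:
    """Return the parsed requests that targeted the vulnerable action. Only the
    query string is visible in a standard access log, so POST bodies carrying
    the action are invisible here; that is what the WAF rule above is for."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec and targets_vuln_action(rec["path"], rec["query"]):
            hits.append(rec)
    return hits


def suspicious_sources(hits: list, site_host: str) -> Counter:
    """Count hits per client IP, keeping only requests whose Referer is not the
    site itself. Requests issued by the site's own pages carry the site as
    Referer; scripted scanners usually send none. Referer is attacker-controlled,
    so treat this as a triage aid, not as proof."""
    return Counter(h["ip"] for h in hits
                   if site_host not in (h.get("referer") or ""))


# Constructed log excerpt: one in-page ad load, two hits from a scripted client
# with no Referer, and an unrelated AJAX action.
SAMPLE_LOG = """\
198.51.100.20 - - [30/Oct/2023:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 4321 "-" "Mozilla/5.0"
198.51.100.20 - - [30/Oct/2023:10:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=dfads_ajax_load_ads HTTP/1.1" 200 512 "https://example.com/" "Mozilla/5.0"
203.0.113.7 - - [30/Oct/2023:10:05:00 +0000] "GET /wp-admin/admin-ajax.php?action=dfads_ajax_load_ads HTTP/1.1" 200 0 "-" "python-requests/2.31"
203.0.113.7 - - [30/Oct/2023:10:05:01 +0000] "GET /wp-admin/admin-ajax.php?action=dfads_ajax_load_ads HTTP/1.1" 200 0 "-" "python-requests/2.31"
192.0.2.9 - - [30/Oct/2023:10:06:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 30 "https://example.com/wp-admin/" "Mozilla/5.0"
""".splitlines()


if __name__ == "__main__":
    hits = scan_access_log(SAMPLE_LOG)
    print(f"{len(hits)} request(s) to {VULN_ACTION}")
    for ip, n in suspicious_sources(hits, "example.com").most_common():
        print(f"  {ip}: {n} without a site Referer")
    print("block POST with action in body:",
          should_block("/wp-admin/admin-ajax.php", "action=dfads_ajax_load_ads"))
```

On the constructed excerpt the scan finds three requests to the action, and the Referer triage singles out 203.0.113.7 with two hits; the browser-originated load from 198.51.100.20 is filtered out. Note that blocking the action outright will also stop any legitimate in-page use the plugin makes of it, which is acceptable as a stopgap but is one more reason to patch rather than rely on the WAF.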
Update the Ads by datafeedr.com plugin to the latest available version. Version 1.1.4 or higher corrects the Remote Code Execution vulnerability. You can update it from the WordPress admin panel.
CVE-2023-5843 is a critical Remote Code Execution vulnerability in the Ads by datafeedr.com WordPress plugin, allowing attackers to execute code on the server.
You are affected if you are using the Ads by datafeedr.com plugin version 1.1.3 or earlier. Immediately check your plugin version and upgrade if necessary.
Upgrade the Ads by datafeedr.com plugin to the latest available version. If upgrading is not possible, temporarily disable the plugin.
While no confirmed active exploitation campaigns are currently known, the ease of exploitation suggests a high likelihood of attempts.
Refer to the datafeedr.com website and WordPress plugin repository for the latest updates and security advisories regarding CVE-2023-5843.