Platform
wordpress
Component
bricks
Fixed in
1.9.7
CVE-2024-25600 describes a Remote Code Execution (RCE) vulnerability within the Codeer Limited Bricks Builder WordPress plugin. This flaw allows attackers to inject arbitrary code, leading to potential full system compromise. The vulnerability impacts versions of Bricks Builder up to and including 1.9.6, with a fix available in version 1.9.7. Prompt patching is strongly recommended.
The RCE vulnerability in Bricks Builder allows an attacker to execute arbitrary code on the server hosting the WordPress site. This can lead to complete compromise of the web server, including data exfiltration, malware installation, and defacement. An attacker could leverage this vulnerability to gain persistent access to the system, potentially pivoting to other systems on the network. The impact is particularly severe given the widespread use of WordPress and Bricks Builder for building complex websites, often containing sensitive user data and business-critical information. Successful exploitation could have a significant blast radius, affecting not only the website itself but also any connected services or databases.
CVE-2024-25600 was publicly disclosed on June 4, 2024. While no active exploitation campaigns have been definitively confirmed at the time of writing, the CRITICAL severity and ease of exploitation suggest a high probability of exploitation. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature and severity.
Websites utilizing Bricks Builder, particularly those running older versions (≤1.9.6), are at significant risk. Shared hosting environments are especially vulnerable, as a compromise of one site can potentially impact others on the same server. Sites with custom code integrations or plugins that interact with Bricks Builder are also at increased risk.
• wordpress / composer / npm:
grep -r 'eval(base64_decode(' /var/www/html/wp-content/plugins/bricks-builder/
• generic web:
curl -I https://your-wordpress-site.com/wp-content/plugins/bricks-builder/ | grep -i 'bricks-builder'
• wordpress / composer / npm:
wp plugin list | grep bricks-builder
• wordpress / composer / npm:
wp plugin update bricks-builder --all
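The version check above only greps for the component name; the script below, an added example that is not part of this advisory, classifies the installed version against the range stated on this page (1.9.6 and earlier vulnerable, 1.9.7 and later fixed) with a numeric comparison, so that 1.10 is not mistaken for an older release than 1.9.7. The theme header path and the sample header content are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): classify an installed Bricks Builder version
# against the range stated on this page: <= 1.9.6 vulnerable to CVE-2024-25600, >= 1.9.7 fixed.
FIXED_VERSION="1.9.7"

# version_lt A B: exit 0 when A < B as dot-separated numeric versions.
# Missing components count as 0 and non-numeric suffixes (e.g. "-rc1") are ignored,
# so "1.9" < "1.9.7" and "1.10" > "1.9.7" compare correctly (a plain string sort would not).
version_lt() {
  _a=$1 _b=$2
  while [ -n "$_a" ] || [ -n "$_b" ]; do
    _x=${_a%%.*} _y=${_b%%.*}
    case $_a in *.*) _a=${_a#*.} ;; *) _a= ;; esac
    case $_b in *.*) _b=${_b#*.} ;; *) _b= ;; esac
    _x=${_x%%[!0-9]*} _y=${_y%%[!0-9]*}
    [ "${_x:-0}" -lt "${_y:-0}" ] && return 0
    [ "${_x:-0}" -gt "${_y:-0}" ] && return 1
  done
  return 1
}

# bricks_status VERSION: prints "vulnerable" or "fixed".
bricks_status() {
  if version_lt "$1" "$FIXED_VERSION"; then echo vulnerable; else echo fixed; fi
}

# version_from_header FILE: pull the "Version:" line out of a WordPress theme/plugin
# header (style.css or the main plugin file), where the installed version is declared.
version_from_header() {
  grep -E '^[[:space:]*]*Version:' "$1" | head -n 1 |
    sed -E 's/.*Version:[[:space:]]*([0-9][0-9.]*).*/\1/'
}

# Demo on a constructed header, standing in for wp-content/.../bricks/style.css (path assumed).
demo() {
  _tmp=$(mktemp)
  printf '/*\nTheme Name: Bricks\nVersion: 1.9.6\n*/\n' > "$_tmp"
  _v=$(version_from_header "$_tmp")
  rm -f "$_tmp"
  echo "Bricks $_v: $(bricks_status "$_v") (fixed in $FIXED_VERSION)"
}
demo
```

Point version_from_header at the real header file of the installed component to check a live site; the demo prints "Bricks 1.9.6: vulnerable (fixed in 1.9.7)" for the constructed header.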
Exploit Status
EPSS
93.70% (100th percentile)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2024-25600 is to immediately upgrade Bricks Builder to version 1.9.7 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily disabling the Bricks Builder plugin. Web Application Firewalls (WAFs) configured with rules to detect and block code injection attempts may offer some protection. Monitor WordPress plugin directories and security forums for any emerging exploits or further mitigation recommendations. After upgrading, verify the fix by attempting to trigger the vulnerability with a known payload (if available) and confirming that the code injection is prevented.
Update the Bricks Builder theme to the latest available version. The remote code execution (RCE) vulnerability is fixed in versions later than 1.9.6. Consult the theme's changelog for more details about the update.
CVE-2024-25600 is a critical Remote Code Execution vulnerability affecting Bricks Builder WordPress plugin versions up to 1.9.6, allowing attackers to execute arbitrary code.
If you are using Bricks Builder version 1.9.6 or earlier, you are vulnerable to this RCE vulnerability. Check your plugin version immediately.
Upgrade Bricks Builder to version 1.9.7 or later to resolve the vulnerability. If immediate upgrade is not possible, consider temporarily disabling the plugin.
While no confirmed active exploitation campaigns are currently known, the CRITICAL severity suggests a high probability of exploitation.
Refer to the official Bricks Builder website and WordPress plugin repository for the latest advisory and update information.