Platform
wordpress
Component
s2member
Fixed in
241114.0.1
CVE-2024-51815 represents a critical Remote Code Execution (RCE) vulnerability discovered in the WP Sharks s2Member Pro WordPress plugin. This flaw allows attackers to inject arbitrary code, potentially leading to complete compromise of the affected WordPress installation. The vulnerability impacts versions of s2Member Pro from the initial release through version 241114, with a fix available in version 241114.0.1.
The impact of this RCE vulnerability is severe. A successful exploit allows an attacker to execute arbitrary code on the server hosting the WordPress site, effectively granting them full control. This could involve stealing sensitive data (user credentials, database contents, financial information), modifying website content, installing malware, or using the compromised server as a launchpad for further attacks against other systems. Given the widespread use of WordPress and the plugin's membership functionality, the potential blast radius is significant, impacting both the website owner and its users.
CVE-2024-51815 was publicly disclosed on December 6, 2024. While no active exploitation campaigns have been definitively confirmed, the CRITICAL severity and ease of exploitation (code injection) suggest a high probability of exploitation. The vulnerability is not currently listed on CISA KEV. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
WordPress websites utilizing the s2Member Pro plugin, particularly those running vulnerable versions (≤241114), are at significant risk. Shared hosting environments are especially vulnerable as they often lack granular control over plugin updates and security configurations. Websites relying on s2Member Pro for membership management and content restriction are prime targets for attackers seeking to gain access to sensitive user data and control website functionality.
• wordpress / composer / npm:
grep -r "s2Member Pro" /var/www/html/wp-content/plugins/
wp plugin list | grep -i s2member
• generic web:
# -I returns response headers only, so check the status line (200/403 vs 404), not the body
curl -sI https://your-wordpress-site.com/wp-content/plugins/s2member-pro/ | grep -i '^HTTP/'
Disclosure
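The shell one-liners above only tell you whether the plugin is present; whether it is in the affected range depends on comparing the installed version against the fixed release 241114.0.1, and a plain string comparison gets that wrong. The following is an added example, not code from the advisory or from WP Sharks: it reads the `Version:` line of a WordPress plugin header (the sample header and the `wp plugin list --format=json` output are constructed), splits the version into numeric parts, and applies the advisory's "≤ 241114 is affected" rule. The plugin slug `s2member-pro` is assumed from the directory name used in the curl check.

```python
"""Added example (not from the advisory): decide whether an installed
s2Member Pro version falls in the affected range (<= 241114) by comparing
it numerically against the fixed version 241114.0.1.

String comparison is not safe here: "99999" > "241114.0.1" as a string
even though it denotes an older build, so versions are split into ints.
"""
import json
import re

FIXED_VERSION = "241114.0.1"   # from the advisory
PLUGIN_SLUG = "s2member-pro"    # assumed slug, taken from the curl path above

# Constructed sample plugin header, as found at the top of a plugin's main PHP file.
SAMPLE_PLUGIN_HEADER = """<?php
/*
Plugin Name: s2Member Pro
Version: 241114
*/
"""

# Constructed sample of `wp plugin list --format=json` output.
SAMPLE_WP_CLI_JSON = json.dumps([
    {"name": "s2member-pro", "status": "active", "update": "available", "version": "241114"},
    {"name": "akismet", "status": "active", "update": "none", "version": "5.3"},
])


def parse_version(text: str) -> tuple:
    """Turn "241114.0.1" into (241114, 0, 1)."""
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"no numeric version in {text!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(installed: str) -> bool:
    """True when installed < 241114.0.1, which is the advisory's '<= 241114'."""
    inst = parse_version(installed)
    fixed = parse_version(FIXED_VERSION)
    # Pad the shorter tuple so (241114,) compares as (241114, 0, 0).
    width = max(len(inst), len(fixed))
    inst += (0,) * (width - len(inst))
    fixed += (0,) * (width - len(fixed))
    return inst < fixed


def version_from_plugin_header(php_source: str) -> str:
    """Read the 'Version:' line of a WordPress plugin file header."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", php_source, re.MULTILINE)
    if not m:
        raise ValueError("no Version: header found")
    return m.group(1)


def affected_plugins(plugin_list_json: str) -> list:
    """Given `wp plugin list --format=json` output, list affected s2Member Pro installs."""
    affected = []
    for entry in json.loads(plugin_list_json):
        if entry.get("name") == PLUGIN_SLUG and is_vulnerable(entry["version"]):
            affected.append(f'{entry["name"]} {entry["version"]}')
    return affected


if __name__ == "__main__":
    v = version_from_plugin_header(SAMPLE_PLUGIN_HEADER)
    print(f"header version {v}: vulnerable={is_vulnerable(v)}")
    print("affected from wp-cli output:", affected_plugins(SAMPLE_WP_CLI_JSON))
```

On a real host, feed `version_from_plugin_header` the contents of the plugin's main PHP file under `wp-content/plugins/s2member-pro/`, or pipe `wp plugin list --format=json` into `affected_plugins`; the numeric comparison is what matters, because 241114 and 241114.0.1 differ only in the trailing components.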
Exploit Status
EPSS
0.19% (41st percentile)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2024-51815 is to immediately upgrade to version 241114.0.1 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. While no specific WAF rules are readily available, generic code injection prevention rules might offer some limited protection. Closely monitor WordPress logs for any suspicious activity, particularly requests containing unusual characters or patterns that could indicate an attempted code injection. After upgrading, verify the fix by attempting a code injection payload through a vulnerable endpoint (if known) and confirming that it is blocked.
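The paragraph above recommends watching WordPress logs for requests carrying characters or patterns typical of a code-injection attempt. The following is an added example, not code from the advisory or the vendor, of what such a check can look like over web-server access-log lines: it parses each line, decodes the request target (repeatedly, so percent-encoding layered twice is still seen), keeps only requests aimed at the `s2member-pro` plugin path, and flags those whose target contains generic PHP code markers. The marker list is an assumption, not taken from the advisory, which publishes no payload; the log lines are constructed. Access logs carry only the request line, so a payload sent in a POST body would need request-body logging or a WAF to be visible.

```python
"""Added example (not from the advisory): flag access-log requests to the
s2member-pro plugin path that carry generic PHP code-injection markers.
The markers are generic, not CVE-specific; treat hits as leads to investigate."""
import re
from urllib.parse import unquote_plus

PLUGIN_PATH = "/wp-content/plugins/s2member-pro/"   # assumed slug

# Generic PHP code-injection markers; an assumption, not from the advisory.
INJECTION_MARKERS = re.compile(
    r"<\?php|\beval\s*\(|\bsystem\s*\(|\bpassthru\s*\(|\bshell_exec\s*\(|\bbase64_decode\s*\(",
    re.IGNORECASE,
)

# Common/combined log format: ip ident user [time] "method target proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (RFC 5737 test addresses).
SAMPLE_LOG = [
    '203.0.113.5 - - [06/Dec/2024:10:00:01 +0000] "GET /wp-content/plugins/s2member-pro/readme.txt HTTP/1.1" 200 512',
    '198.51.100.7 - - [06/Dec/2024:10:00:02 +0000] "POST /wp-content/plugins/s2member-pro/?cb=%3C%3Fphp+eval%28%22x%22%29%3B HTTP/1.1" 200 120',
    '203.0.113.9 - - [06/Dec/2024:10:00:03 +0000] "GET /wp-content/plugins/other-plugin/?q=eval%28 HTTP/1.1" 404 0',
    '198.51.100.8 - - [06/Dec/2024:10:00:04 +0000] "GET /wp-content/plugins/s2member-pro/?cb=%253C%253Fphp+eval%2528%2522x%2522%2529 HTTP/1.1" 500 0',
]


def decode_target(target: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable, so double-encoded payloads are visible."""
    prev = target
    for _ in range(max_rounds):
        cur = unquote_plus(prev)
        if cur == prev:
            break
        prev = cur
    return prev


def suspicious_requests(log_lines) -> list:
    """Return dicts for requests to the plugin path that contain injection markers."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue                      # unparsable line: skip, do not crash the scan
        target = decode_target(m.group("target"))
        if PLUGIN_PATH not in target:
            continue                      # only the s2member-pro path is in scope here
        marker = INJECTION_MARKERS.search(target)
        if marker:
            hits.append({
                "ip": m.group("ip"),
                "time": m.group("ts"),
                "method": m.group("method"),
                "status": m.group("status"),
                "marker": marker.group(0),
                "decoded_target": target,
            })
    return hits


if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(f'{hit["time"]} {hit["ip"]} {hit["method"]} {hit["status"]} marker={hit["marker"]!r}')
```

Run it as `python scan.py < /dev/null` with `SAMPLE_LOG` replaced by `sys.stdin` to stream a real access log; a hit with a 200 status deserves more attention than one with 404, but the status alone does not say whether the request succeeded in injecting code.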
Update the s2Member plugin to the latest available version. If no fixed version is available, consider disabling or removing the plugin until a corrected version is released. Consult the vendor's website for more information and updates.
CVE-2024-51815 is a critical Remote Code Execution vulnerability in the s2Member Pro WordPress plugin, allowing attackers to execute arbitrary code on the server.
You are affected if you are using s2Member Pro versions less than or equal to 241114. Check your plugin version and upgrade immediately.
Upgrade to version 241114.0.1 or later to resolve the vulnerability. If immediate upgrade is not possible, consider temporary workarounds like monitoring logs.
While no active campaigns are confirmed, the CRITICAL severity and ease of exploitation suggest a high probability of exploitation.
Refer to the WP Sharks website and WordPress plugin repository for the official advisory and update information.