Platform: wordpress
Component: frontend-dashboard
Fixed in: 2.2.5
CVE-2024-8268 is a critical Remote Code Execution (RCE) vulnerability affecting the Frontend Dashboard plugin for WordPress. This vulnerability allows authenticated users with subscriber-level access or higher to execute arbitrary code on the server. The issue stems from insufficient input validation within the ajax_request() function, enabling attackers to call arbitrary functions. Affected versions include those prior to 2.2.5, with a fix released in version 2.2.5.
The impact of CVE-2024-8268 is significant due to the ease with which an attacker can exploit it. An authenticated subscriber, a relatively low-privilege WordPress user, can leverage this vulnerability to execute arbitrary code. This could lead to complete server compromise, including data exfiltration, malware installation, and defacement of the website. The attacker could also use this access to escalate their privileges further, potentially gaining administrator access. The blast radius extends to any sensitive data stored on the WordPress site, including user credentials, customer information, and financial data. This vulnerability shares similarities with other code execution flaws in WordPress plugins where insufficient input sanitization allows for malicious code injection.
CVE-2024-8268 was publicly disclosed on September 10, 2024. While no active exploitation campaigns have been definitively confirmed, the ease of exploitation and the wide use of the Frontend Dashboard plugin make it a likely target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature and public disclosure.
Websites using the Frontend Dashboard plugin, particularly those with subscriber-level users who have access to the frontend dashboard functionality, are at risk. Shared hosting environments where multiple WordPress sites share the same server are also at increased risk, as a compromise of one site could potentially lead to the compromise of others.
• wordpress / composer / npm:
grep -r 'ajax_request(' /var/www/html/wp-content/plugins/frontend-dashboard/
• wordpress / composer / npm:
wp plugin list --status=active | grep 'frontend-dashboard'
• wordpress / composer / npm:
wp plugin update frontend-dashboard --version=2.2.5
• generic web: Check the WordPress plugin directory for reports of exploitation or discussions related to CVE-2024-8268.
disclosure
Exploit Status
EPSS
0.36% (58th percentile)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2024-8268 is to immediately upgrade the Frontend Dashboard plugin to version 2.2.5 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily restricting access to the ajax_request() endpoint using a WordPress firewall (WAF) or security plugin. Implement strict input validation on all user-supplied data within the plugin. Monitor WordPress logs for suspicious activity, particularly calls to unexpected functions. After upgrading, confirm the fix by attempting to trigger the previously vulnerable ajax_request() function with a benign payload to ensure the input is properly validated.
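The allowlist pattern that the "strict input validation" advice above points at, shown as an added illustration of the bug class (a dispatcher that lets the request name the function to call); this is not the plugin's own code, and every handler and action name in it is hypothetical:

```php
<?php
// Added illustration of the bug class behind CVE-2024-8268, not the plugin's
// real code. An AJAX dispatcher that lets the request name the PHP function
// to call is an arbitrary-function-call primitive; the fix is a closed map.
// All handler and action names below are hypothetical.

// Handlers a front-end dashboard would legitimately expose.
function fed_profile_save(array $args): string { return 'profile saved'; }
function fed_profile_load(array $args): string { return 'profile loaded'; }

// Unsafe pattern: the caller's string becomes the function to call.
// function_exists() is not validation; it only proves the name resolves.
function unsafe_ajax_request(array $request): string {
    $fn = $request['action'] ?? '';
    if (function_exists($fn)) {
        return (string) call_user_func($fn, $request);  // arbitrary function call
    }
    return 'unknown action';
}

// Hardened pattern: opaque action names map to a closed set of handlers, so
// the request can only select from the map and never names a function.
const FED_AJAX_HANDLERS = [
    'profile_save' => 'fed_profile_save',
    'profile_load' => 'fed_profile_load',
];

function safe_ajax_request(array $request): string {
    $action = (string) ($request['action'] ?? '');
    if (!array_key_exists($action, FED_AJAX_HANDLERS)) {
        // Log rejects: unexpected action names are the signal worth monitoring.
        error_log('rejected ajax action: ' . $action);
        return 'unknown action';
    }
    // In WordPress the handler would also verify the nonce (check_ajax_referer)
    // and the caller's capability (current_user_can) before changing state.
    return call_user_func(FED_AJAX_HANDLERS[$action], $request);
}

// Constructed requests standing in for $_POST.
$legit = ['action' => 'profile_save'];
$rogue = ['action' => 'phpversion'];   // a function name outside the map

echo safe_ajax_request($legit), "\n";
echo safe_ajax_request($rogue), "\n";
```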
Update the Frontend Dashboard plugin to version 2.2.5 or later. This version contains a fix for the arbitrary code execution vulnerability. The update can be performed from the WordPress administration panel.
CVE-2024-8268 is a Remote Code Execution vulnerability in the Frontend Dashboard WordPress plugin, allowing authenticated subscribers to execute arbitrary code.
You are affected if you are using the Frontend Dashboard plugin version 2.2.4 or earlier.
Upgrade the Frontend Dashboard plugin to version 2.2.5 or later to resolve the vulnerability.
While no confirmed active exploitation campaigns are known, the vulnerability's ease of exploitation makes it a potential target.
Refer to the Frontend Dashboard plugin's official website or WordPress plugin repository for the latest advisory and update information.