Platform: wordpress
Component: email-subscribers
Fixed in: 5.6.24
CVE-2023-5414 is a critical directory traversal vulnerability affecting the Icegram Express plugin for WordPress. This flaw allows authenticated attackers with administrator privileges to read arbitrary files on the server, potentially exposing sensitive information. The vulnerability impacts versions of Icegram Express up to and including 5.6.23. A patch is available, and users are strongly advised to upgrade immediately.
The directory traversal vulnerability in Icegram Express allows an authenticated administrator to bypass intended file access restrictions. By manipulating the show_es_logs function, an attacker can craft requests that read files outside of the plugin's designated directory. This poses a significant risk, particularly in shared hosting environments where multiple websites reside on the same server. Sensitive data such as database credentials, configuration files, or even code from other websites could be exposed. The impact is amplified by the plugin's widespread use and the potential for automated exploitation.
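The following is an added illustration, not code from Icegram Express or from this advisory, of the path-handling mistake described above next to a hardened resolver. The log directory, the `file` parameter name and the `.log` suffix allow-list are assumptions; the vendor's actual fix is not described on this page.

```python
import posixpath
from typing import Optional

# Constructed base directory standing in for wherever the plugin keeps
# its log files; the real location is not given on the page.
LOG_DIR = "/srv/wp/wp-content/es-logs"

# Allow-list of suffixes a log viewer should ever serve (assumption).
ALLOWED_SUFFIXES = (".log",)


def unsafe_log_path(requested: str) -> str:
    """The flawed pattern: join a caller-controlled name onto the base
    directory and trust the result. '..' segments walk out of LOG_DIR."""
    return posixpath.normpath(posixpath.join(LOG_DIR, requested))


def safe_log_path(requested: str) -> Optional[str]:
    """Hardened resolver: accept only a bare file name with an allowed
    suffix, then prove the normalized result is still inside LOG_DIR.
    Returns None for anything that must be refused."""
    # Reject empty names and NUL bytes (string truncation in C-backed
    # runtimes can silently drop everything after the NUL).
    if not requested or "\x00" in requested:
        return None
    # Reject dot entries and anything containing a path separator.
    if requested in (".", "..") or "/" in requested or "\\" in requested:
        return None
    if not requested.endswith(ALLOWED_SUFFIXES):
        return None
    candidate = posixpath.normpath(posixpath.join(LOG_DIR, requested))
    # Defense in depth: the common prefix of LOG_DIR and the candidate
    # must be LOG_DIR itself, otherwise the path escaped the directory.
    if posixpath.commonpath([LOG_DIR, candidate]) != LOG_DIR:
        return None
    return candidate


if __name__ == "__main__":
    for name in ("cron.log", "../../../../etc/passwd", "/etc/passwd"):
        print(f"{name!r:32} unsafe -> {unsafe_log_path(name)!r:40} "
              f"safe -> {safe_log_path(name)!r}")
```

The unsafe variant resolves `../../../../etc/passwd` to `/etc/passwd`, which is exactly the behaviour the advisory describes; the hardened variant refuses it at the separator check and would still refuse it at the containment check if the first check were removed.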
CVE-2023-5414 was publicly disclosed on 2023-10-20. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
Shared hosting environments are particularly at risk, as the vulnerability allows attackers to potentially access data from other websites hosted on the same server. WordPress administrators with access to the Icegram Express plugin are also at risk. Users who have not updated Icegram Express to the latest version are vulnerable.
• wordpress / composer / npm:
  grep -r "show_es_logs" /var/www/html/wp-content/plugins/icegram-express/
• generic web:
  curl -I 'https://your-wordpress-site.com/wp-content/plugins/icegram-express/show_es_logs?file=../../../../etc/passwd'  # attempt to read a sensitive file (disclosure check)
Exploit status
EPSS: 2.09% (84th percentile)
CVSS vector
The primary mitigation for CVE-2023-5414 is to upgrade Icegram Express to a version that addresses the vulnerability. The vendor has released a patch, so ensure you are using the latest available version. If immediate upgrading is not possible due to compatibility issues or breaking changes, consider temporarily restricting access to the show_es_logs function through server-level configuration (e.g., .htaccess rules for Apache) or a web application firewall (WAF). Monitor server logs for suspicious file access attempts. After upgrading, confirm the fix by attempting to access a non-existent file via the vulnerable endpoint and verifying that access is denied.
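As an added example of the log monitoring recommended above (not part of this advisory or of the plugin), the script below scans web-server access logs in combined log format for requests to the show_es_logs endpoint whose `file` parameter contains a traversal sequence, including single- and double-percent-encoded forms, and reports whether the server answered 2xx (file likely served) or refused the request. The log lines are constructed; the request shape follows the curl check above, and the endpoint marker and parameter name are assumptions.

```python
import re
from typing import Dict, List
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines (combined log format). Two hosts probe the
# endpoint with traversal payloads; one benign request asks for a plain
# log name; the last probe is refused with 403 (as after patching/WAF).
SAMPLE_LOG = [
    '203.0.113.7 - - [21/Oct/2023:10:15:02 +0000] "GET /wp-admin/admin.php?page=es_dashboard HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [21/Oct/2023:10:15:40 +0000] "GET /wp-content/plugins/icegram-express/show_es_logs?file=../../../../etc/passwd HTTP/1.1" 200 1843 "-" "curl/8.1"',
    '198.51.100.4 - - [21/Oct/2023:10:16:11 +0000] "GET /wp-content/plugins/icegram-express/show_es_logs?file=%2e%2e%2f%2e%2e%2fwp-config.php HTTP/1.1" 200 2901 "-" "python-requests/2.31"',
    '198.51.100.4 - - [21/Oct/2023:10:17:30 +0000] "GET /wp-content/plugins/icegram-express/show_es_logs?file=cron.log HTTP/1.1" 200 800 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [21/Oct/2023:10:18:00 +0000] "GET /wp-content/plugins/icegram-express/show_es_logs?file=..%252f..%252fetc%252fpasswd HTTP/1.1" 403 199 "-" "curl/8.1"',
]

# Combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

# Substring identifying the vulnerable endpoint (assumption, taken from
# the grep/curl checks on this page).
ENDPOINT_MARKER = "show_es_logs"


def decode_fully(value: str, rounds: int = 3) -> str:
    """Undo repeated percent-encoding (..%252f -> ..%2f -> ../)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(value: str) -> bool:
    """True if the decoded parameter escapes a directory or is absolute."""
    v = decode_fully(value).replace("\\", "/")
    if "\x00" in v or v.startswith("/"):
        return True
    return v == ".." or v.startswith("../") or "/../" in v or v.endswith("/..")


def scan(lines: List[str]) -> List[Dict[str, object]]:
    """Return one finding per request that targets the endpoint with a
    traversal-looking 'file' value, preserving log order."""
    findings: List[Dict[str, object]] = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        target = m.group("target")
        if ENDPOINT_MARKER not in decode_fully(target):
            continue
        query = urlsplit(target).query
        # parse_qs performs one round of decoding; is_traversal handles
        # any further rounds (double-encoded payloads).
        for value in parse_qs(query, keep_blank_values=True).get("file", []):
            if is_traversal(value):
                findings.append({
                    "ip": m.group("ip"),
                    "time": m.group("ts"),
                    "status": int(m.group("status")),
                    "file": decode_fully(value),
                })
    return findings


def summarize(findings: List[Dict[str, object]]) -> Dict[str, int]:
    """A 2xx on a traversal request means the file was probably served;
    anything else means the request was refused (expected after patching)."""
    served = sum(1 for f in findings if 200 <= int(f["status"]) < 300)
    return {"served": served, "denied": len(findings) - served}


if __name__ == "__main__":
    results = scan(SAMPLE_LOG)
    for f in results:
        print(f"{f['time']} {f['ip']} status={f['status']} file={f['file']}")
    print(summarize(results))
```

Run it against a real access log with `scan(open(path).read().splitlines())`. Findings with a 2xx status are the ones to treat as possible disclosure and investigate from the source address onward; a run showing only refused requests after the upgrade is a useful confirmation that the fix is in place.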
Update the Icegram Express plugin to the latest available version. Version 5.6.24 or later fixes this Directory Traversal vulnerability. This prevents attackers with administrator privileges from reading arbitrary files on the server.
CVE-2023-5414 is a critical vulnerability in Icegram Express WordPress plugin allowing attackers to read arbitrary files on the server.
You are affected if you are using Icegram Express version 5.6.23 or earlier. Check your plugin version and upgrade immediately.
Upgrade Icegram Express to the latest version that addresses the vulnerability. If immediate upgrade is not possible, implement temporary workarounds like WAF rules.
While no confirmed active exploitation campaigns are known, the vulnerability's severity makes it a likely target for attackers.
Refer to the Icegram Express website and WordPress plugin repository for the latest advisory and update information.