Platform
wordpress
Component
searchpro
Fixed in
1.7.6
CVE-2024-37942 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in the BerqWP WordPress plugin. This flaw allows attackers to manipulate the plugin into making requests to unintended internal or external resources, potentially leading to unauthorized data access or system compromise. The vulnerability impacts versions of BerqWP up to and including 1.7.5, with a fix released in version 1.7.6.
The SSRF vulnerability in BerqWP allows an attacker to craft malicious requests that the plugin will execute on behalf of the server. This can be exploited to access internal services that are not directly exposed to the internet, such as administrative panels, databases, or other sensitive resources. An attacker could potentially read sensitive data, modify configurations, or even gain a foothold for further attacks. The impact is amplified if the BerqWP plugin is used in conjunction with other plugins or services that rely on its functionality, as the SSRF vulnerability could be leveraged to compromise those systems as well. While no specific real-world exploitation has been publicly reported, SSRF vulnerabilities are frequently targeted due to their ease of exploitation and potential for significant impact.
CVE-2024-37942 was publicly disclosed on 2024-07-22. As of this date, it is not listed on the CISA KEV catalog. There are currently no publicly available proof-of-concept exploits, but the SSRF nature of the vulnerability makes it likely that exploits will emerge. The EPSS score is likely to be medium, given the relatively straightforward nature of SSRF exploitation and the widespread use of WordPress plugins.
Websites utilizing the BerqWP plugin, particularly those running older versions (≤1.7.5), are at risk. Shared hosting environments are especially vulnerable as they often have limited control over plugin updates and security configurations. Sites that rely on BerqWP for integration with internal services or APIs are also at increased risk, as the SSRF vulnerability could be used to bypass security controls and access sensitive data.
• wordpress / composer / npm:
grep -r 'wp_remote_get' /var/www/html/wp-content/plugins/berqwp/
• generic web:
curl -I https://your-wordpress-site.com/wp-content/plugins/berqwp/ | grep -i 'server:'
• wordpress / composer / npm:
wp plugin list --status=active | grep berqwp
Exploit Status
EPSS
0.34% (56th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-37942 is to immediately upgrade the BerqWP plugin to version 1.7.6 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider implementing temporary workarounds. These include configuring a Web Application Firewall (WAF) to block suspicious outbound requests originating from the BerqWP plugin. Additionally, implement strict input validation to sanitize any user-supplied data that is used to construct URLs within the plugin. Monitor server logs for unusual outbound requests that may indicate exploitation attempts. After upgrading, verify the fix by attempting to trigger the SSRF vulnerability using a known payload and confirming that the request is blocked or handled safely.
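The input-validation step described above, as an added example that is not code from BerqWP or from this advisory: the check a plugin should apply to a caller-supplied URL before fetching it server-side. The host names and the name-to-address table are constructed so the example runs offline; a real deployment would resolve through socket.getaddrinfo() instead.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed, hypothetical name->address table so the example runs offline;
# a real deployment would call socket.getaddrinfo() here instead.
FAKE_DNS = {
    "cdn.example.org": ["93.184.216.34"],                 # routable address
    "internal.example.org": ["10.0.0.5"],                 # RFC 1918
    "metadata.example.org": ["169.254.169.254"],          # link-local
    "dual.example.org": ["93.184.216.34", "127.0.0.1"],   # one public, one loopback
}

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}


def resolve(host):
    """Stand-in resolver: every address the name maps to, or [] if unknown."""
    return FAKE_DNS.get(host, [])


def validate_outbound_url(url, resolver=resolve):
    """Return (ok, reason). ok is True only when scheme and port are on the
    allowlist and *every* address the host resolves to is publicly routable."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if not parts.hostname:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:                       # non-numeric port string
        return False, "invalid port"
    if port not in ALLOWED_PORTS:
        return False, "port not allowed"
    # A literal IP (v4 or v6) is checked directly; a name goes through DNS.
    try:
        addrs = [str(ipaddress.ip_address(parts.hostname))]
    except ValueError:
        addrs = resolver(parts.hostname)
    if not addrs:
        return False, "host does not resolve"
    for addr in addrs:
        # is_global is False for loopback, link-local, RFC 1918, ULA, CGNAT and
        # other reserved ranges; every record is checked, not only the first.
        if not ipaddress.ip_address(addr).is_global:
            return False, f"{parts.hostname} resolves to non-public {addr}"
    return True, "ok"
```

In WordPress itself, wp_safe_remote_get() and wp_http_validate_url() are the plugin-side functions intended for fetching untrusted URLs; the check above additionally rejects a name that has any non-public record and handles IPv6 literals.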
Update the BerqWP plugin to a version later than 1.7.5. This will fix the SSRF vulnerability. If no such version is available, consider disabling the plugin until an update is published.
CVE-2024-37942 is a Server-Side Request Forgery vulnerability affecting the BerqWP WordPress plugin, allowing attackers to make unauthorized requests.
Yes, if you are using BerqWP version 1.7.5 or earlier, you are vulnerable to this SSRF vulnerability.
Upgrade BerqWP to version 1.7.6 or later to resolve the vulnerability. Implement WAF rules as a temporary workaround.
While no active exploitation has been publicly confirmed, the SSRF nature of the vulnerability makes it a likely target.
Refer to the Berqier Ltd website and WordPress plugin repository for the official advisory and update information.