Plataforma
wordpress
Componente
shariff
Corrigido em
4.6.14
CVE-2024-4098 is a critical Local File Inclusion (LFI) vulnerability affecting the Shariff Wrapper plugin for WordPress, specifically versions up to 4.6.13. This vulnerability allows unauthenticated attackers to include and execute arbitrary files on the server, potentially leading to complete system compromise. The vulnerability resides in the shariff3uufetchsharecounts function and has been publicly disclosed on June 20, 2024. Immediate action is required to mitigate this risk.
The impact of CVE-2024-4098 is severe. An attacker exploiting this LFI vulnerability can execute arbitrary PHP code on the web server. This allows them to bypass access controls, steal sensitive data (including database credentials, API keys, and user information), and potentially gain full control of the WordPress installation. The ability to execute arbitrary code means an attacker could install backdoors, deface the website, or use the compromised server as a launchpad for further attacks against other systems on the network. The vulnerability's unauthenticated nature means that any user can potentially exploit it, making it a high-priority concern for WordPress administrators.
CVE-2024-4098 was publicly disclosed on June 20, 2024. While no active exploitation campaigns have been definitively confirmed at the time of this writing, the ease of exploitation and the critical severity of the vulnerability suggest a high probability of exploitation. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge quickly, increasing the risk of widespread exploitation.
WordPress websites using the Shariff Wrapper plugin, particularly those running versions 4.6.13 or earlier, are at significant risk. Shared hosting environments are particularly vulnerable as they often have limited control over plugin updates and security configurations. Websites relying on the Shariff Wrapper plugin for social sharing functionality are also at risk.
• wordpress / composer / npm:
grep -r 'shariff3uu_fetch_sharecounts' /var/www/html/wp-content/plugins/shariff-wrapper/• wordpress / composer / npm:
wp plugin list | grep shariff-wrapper• wordpress / composer / npm:
wp plugin update shariff-wrapper --all• generic web: Check WordPress plugin directory for updated versions of Shariff Wrapper.
disclosure
Status do Exploit
EPSS
0.53% (percentil 67%)
CISA SSVC
Vetor CVSS
The primary mitigation for CVE-2024-4098 is to immediately upgrade the Shariff Wrapper plugin to a version higher than 4.6.13, where the vulnerability has been addressed. If upgrading is not immediately possible due to compatibility issues or breaking changes, consider temporarily restricting file uploads to only explicitly allowed file types and implementing strict input validation on any user-supplied data used in file paths. While not a complete solution, a Web Application Firewall (WAF) configured to block attempts to include arbitrary files can provide an additional layer of defense. Monitor WordPress logs for suspicious file inclusion attempts, looking for unusual file paths or PHP code execution patterns.
Atualize o plugin Shariff Wrapper para a última versão disponível. Isso corrigirá a vulnerabilidade de inclusão de arquivos locais e protegerá seu site de possíveis ataques.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2024-4098 is a critical Local File Inclusion vulnerability in the Shariff Wrapper WordPress plugin, allowing attackers to execute arbitrary PHP code.
Yes, if you are using Shariff Wrapper version 4.6.13 or earlier, you are vulnerable to this LFI exploit.
Upgrade the Shariff Wrapper plugin to a version higher than 4.6.13 immediately. If upgrading is not possible, implement temporary workarounds like restricting file uploads.
While no confirmed active exploitation campaigns are known, the vulnerability's severity and ease of exploitation suggest a high probability of exploitation.
Refer to the Shariff Wrapper project's official website and WordPress plugin repository for updates and advisories related to CVE-2024-4098.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.