Platform
wordpress
Component
startklar-elmentor-forms-extwidgets
Fixed in
1.7.16
CVE-2024-5153 describes a critical Path Traversal vulnerability affecting the Startklar Elementor Addons plugin for WordPress. This vulnerability allows unauthenticated attackers to read arbitrary files and delete directories on the server. The vulnerability impacts versions of the plugin up to and including 1.7.15. A patch is available from the vendor.
The impact of this vulnerability is severe. An attacker can leverage the 'dropzone_hash' parameter to bypass security controls and access files outside of the intended directory. This could lead to the exposure of sensitive data such as database credentials, configuration files, or even source code. Furthermore, the attacker can delete arbitrary directories, potentially disrupting the entire WordPress installation or causing irreversible data loss. The ability to delete the root WordPress directory represents a significant escalation of the attack's potential impact.
This vulnerability was publicly disclosed on 2024-06-06. While no active exploitation campaigns have been confirmed, the critical severity and ease of exploitation make it a high-priority target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature and severity.
Websites using the Startklar Elementor Addons plugin, particularly those running older versions (≤1.7.15), are at significant risk. Shared hosting environments are especially vulnerable, as they often have limited access controls and a higher density of potential targets. WordPress installations with weak file permissions or inadequate security configurations are also at increased risk.
• wordpress / composer / npm:
  grep -r 'dropzone_hash' /var/www/html/wp-content/plugins/startklar-elementor-addons/
• generic web:
  curl -I 'http://your-wordpress-site.com/wp-content/plugins/startklar-elementor-addons/dropzone.php?dropzone_hash=../../../../etc/passwd'
• wordpress / composer / npm:
  wp plugin list --status=inactive | grep startklar-elementor-addons
• wordpress / composer / npm:
  wp plugin list --status=active | grep startklar-elementor-addons
Exploit status
disclosure
EPSS
5.45% (90th percentile)
CISA SSVC
CVSS vector
The primary mitigation is to upgrade to a patched version of the Startklar Elementor Addons plugin. The vendor has not specified a fixed version, so check their official advisory for the latest release. As a temporary workaround, restrict access to the vulnerable endpoint using a web application firewall (WAF) or proxy server. Implement strict file permissions on the WordPress installation to limit the damage an attacker can cause if they manage to execute arbitrary commands. Consider using a security plugin that can monitor file integrity and detect unauthorized changes.
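As an added illustration (not code from this page, the plugin or the vendor), the following Python applies the containment check a fixed `dropzone_hash` handler needs and runs it over web-server access logs to spot requests that would escape the upload directory. The `UPLOAD_ROOT` path is assumed, and the log lines are constructed; the `dropzone.php` endpoint and parameter name come from the checks above.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumed location of the plugin's upload directory; illustrative only, not taken from the plugin.
UPLOAD_ROOT = "/var/www/html/wp-content/uploads/dropzone"

# Constructed Apache combined-format log lines (not from a real server) covering a normal
# request, a plain traversal, a URL-encoded traversal and an unrelated request.
SAMPLE_LOG = """\
203.0.113.10 - - [06/Jun/2024:10:01:02 +0000] "GET /wp-content/plugins/startklar-elementor-addons/dropzone.php?dropzone_hash=a1b2c3d4 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [06/Jun/2024:10:01:05 +0000] "GET /wp-content/plugins/startklar-elementor-addons/dropzone.php?dropzone_hash=../../../../etc/passwd HTTP/1.1" 200 1843 "-" "curl/8.4.0"
203.0.113.12 - - [06/Jun/2024:10:01:09 +0000] "GET /wp-content/plugins/startklar-elementor-addons/dropzone.php?dropzone_hash=%2e%2e%2f%2e%2e%2fwp-config.php HTTP/1.1" 200 2048 "-" "python-requests/2.31"
203.0.113.13 - - [06/Jun/2024:10:01:12 +0000] "GET /index.php?p=1 HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def resolves_outside(base: str, value: str) -> bool:
    """True if joining `value` onto `base` lands outside `base` after normalisation.

    This is the containment check a path-traversal fix needs: decode twice to catch
    double-encoded '..', treat backslashes as separators, then compare canonical paths.
    An absolute value (e.g. '/etc/passwd') replaces `base` in join() and is also rejected.
    """
    decoded = unquote(unquote(value)).replace("\\", "/")
    joined = posixpath.normpath(posixpath.join(base, decoded))
    return not (joined == base or joined.startswith(base + "/"))


def find_traversal_attempts(log_text: str, base: str = UPLOAD_ROOT) -> list[dict]:
    """Return requests to dropzone.php whose dropzone_hash escapes the upload directory."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.endswith("/dropzone.php"):
            continue
        # parse_qs already percent-decodes once; resolves_outside() decodes further.
        for value in parse_qs(url.query, keep_blank_values=True).get("dropzone_hash", []):
            if resolves_outside(base, value):
                hits.append({"ip": m["ip"], "ts": m["ts"], "status": int(m["status"]),
                             "dropzone_hash": value})
    return hits


if __name__ == "__main__":
    for hit in find_traversal_attempts(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} status={hit['status']} dropzone_hash={hit['dropzone_hash']!r}")
```

A 200 status on a flagged request is the case to treat as a probable successful read; point the script at the real access log of a site that ran a version up to 1.7.15 to triage it.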
Update the Startklar Elementor Addons plugin to the latest available version. This fixes the path traversal vulnerability that allows arbitrary directories to be deleted. If no fixed version is available, consider disabling the plugin until an update is published.
CVE-2024-5153 is a critical vulnerability allowing attackers to read and delete files on a WordPress server through the 'dropzone_hash' parameter in the Startklar Elementor Addons plugin.
You are affected if you are using Startklar Elementor Addons version 1.7.15 or earlier. Check your plugin version and upgrade immediately.
Upgrade to the latest version of the Startklar Elementor Addons plugin. Consult the vendor's advisory for the specific fixed version.
While no active exploitation campaigns have been confirmed, the vulnerability's severity and ease of exploitation make it a likely target.
Check the Startklar Elementor Addons website and WordPress plugin repository for the official advisory and patch information.