Platform: wordpress
Component: email-subscribers
Fixed version: 5.6.24
CVE-2023-5414 is a critical directory traversal vulnerability affecting the Icegram Express plugin for WordPress. This flaw allows authenticated attackers with administrator privileges to read arbitrary files on the server, potentially exposing sensitive information. The vulnerability impacts versions of Icegram Express up to and including 5.6.23. A patch is available, and users are strongly advised to upgrade immediately.
The directory traversal vulnerability in Icegram Express allows an authenticated administrator to bypass intended file access restrictions. By manipulating the show_es_logs function, an attacker can craft requests that read files outside of the plugin's designated directory. This poses a significant risk, particularly in shared hosting environments where multiple websites reside on the same server. Sensitive data such as database credentials, configuration files, or even code from other websites could be exposed. The impact is amplified by the plugin's widespread use and the potential for automated exploitation.
CVE-2023-5414 was publicly disclosed on 2023-10-20. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
Shared hosting environments are particularly at risk, as the vulnerability allows attackers to potentially access data from other websites hosted on the same server. WordPress administrators with access to the Icegram Express plugin are also at risk. Users who have not updated Icegram Express to the latest version are vulnerable.
• wordpress / composer / npm:
  grep -r "show_es_logs" /var/www/html/wp-content/plugins/icegram-express/  # confirms the function is present; the installed plugin version (fixed in 5.6.24) decides whether it is vulnerable
• generic web:
  curl -I 'https://your-wordpress-site.com/wp-content/plugins/icegram-express/show_es_logs?file=../../../../etc/passwd'  # attempt to read a sensitive file
Exploitation status
EPSS: 2.09% (84th percentile)
CVSS vector:
The primary mitigation for CVE-2023-5414 is to upgrade Icegram Express to a version that addresses the vulnerability. The vendor has released a patch, so ensure you are using the latest available version. If immediate upgrading is not possible due to compatibility issues or breaking changes, consider temporarily restricting access to the show_es_logs function through server-level configuration (e.g., .htaccess rules for Apache) or a web application firewall (WAF). Monitor server logs for suspicious file access attempts. After upgrading, confirm the fix by attempting to access a non-existent file via the vulnerable endpoint and verifying that access is denied.
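The log monitoring step above can be automated. The following is an added example written for this advisory, not code from the Icegram Express plugin or its vendor: it parses Apache/nginx combined-format access-log lines (an assumption; the advisory does not say which server is in use), keeps requests whose target mentions show_es_logs (the function the advisory names; the endpoint path and "file" parameter are taken from the advisory's own curl check), percent-decodes repeatedly so double-encoded sequences are unwrapped, and flags any request whose path or query value contains a parent-directory segment. The sample log lines are constructed for the example.

```python
"""Scan web-server access logs for directory-traversal attempts against the
Icegram Express show_es_logs endpoint (CVE-2023-5414).

Added example for this advisory; not code from the plugin or its vendor.
Assumed (not stated in the advisory): the log is in Apache/nginx "combined"
format, and the endpoint path and "file" parameter match the advisory's own
curl check. Every query parameter is inspected, not only "file".
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Combined-log prefix: client, ident, user, [time], "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample lines (not real traffic): two traversal attempts, one
# legitimate request to the endpoint, one unrelated request, one unparsable line.
SAMPLE_LOG = [
    '203.0.113.7 - - [20/Oct/2023:10:01:02 +0000] "GET /wp-content/plugins/icegram-express/show_es_logs?file=../../../../etc/passwd HTTP/1.1" 200 2048 "-" "curl/8.1"',
    '203.0.113.7 - - [20/Oct/2023:10:01:05 +0000] "GET /wp-content/plugins/icegram-express/show_es_logs?file=..%252F..%252F..%252Fetc%252Fpasswd HTTP/1.1" 200 2048 "-" "curl/8.1"',
    '198.51.100.4 - - [20/Oct/2023:10:02:00 +0000] "GET /wp-content/plugins/icegram-express/show_es_logs?file=es-log.txt HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [20/Oct/2023:10:02:10 +0000] "GET /wp-admin/admin.php?page=es_dashboard HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
    'not a log line',
]


def decode_fully(value, max_rounds=3):
    """Percent-decode until stable so double-encoded ..%252F.. is unwrapped."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_traversal(value):
    """True if the decoded value contains a parent-directory segment ('..')."""
    normalized = decode_fully(value).replace("\\", "/")
    return any(segment == ".." for segment in normalized.split("/"))


def parse_line(line):
    """Return the request fields of one combined-format log line, or None."""
    match = LOG_RE.match(line)
    return match.groupdict() if match else None


def find_traversal_attempts(lines, marker="show_es_logs"):
    """Return one finding per request that targets `marker` and carries a
    traversal sequence in its path or in any query-parameter value.
    Pass marker=None to scan every request regardless of endpoint."""
    findings = []
    for line in lines:
        record = parse_line(line)
        if record is None:
            continue
        target = record["target"]
        if marker is not None and marker not in decode_fully(target):
            continue
        parts = urlsplit(target)
        values = [v for _, v in parse_qsl(parts.query, keep_blank_values=True)]
        if has_traversal(parts.path) or any(has_traversal(v) for v in values):
            findings.append({
                "ip": record["ip"],
                "time": record["time"],
                "status": record["status"],
                "target": decode_fully(target),
            })
    return findings


if __name__ == "__main__":
    for hit in find_traversal_attempts(SAMPLE_LOG):
        # A 200 on a traversal request means the read likely succeeded: treat it as an incident.
        print(f'{hit["time"]} {hit["ip"]} {hit["status"]} {hit["target"]}')
```

Run it against a real access log by replacing SAMPLE_LOG with the file's lines; a hit with status 200 from before the upgrade to 5.6.24 warrants an incident review, since the request likely returned file contents to an administrator-level account.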
Update the Icegram Express plugin to the latest available version. Version 5.6.24 or later fixes this directory traversal vulnerability, which prevents an attacker with administrator privileges from reading arbitrary files on the server.
CVE-2023-5414 is a critical vulnerability in the Icegram Express WordPress plugin that allows attackers to read arbitrary files on the server.
You are affected if you are using Icegram Express version 5.6.23 or earlier. Check your plugin version and upgrade immediately.
Upgrade Icegram Express to the latest version that addresses the vulnerability. If immediate upgrade is not possible, implement temporary workarounds like WAF rules.
While no confirmed active exploitation campaigns are known, the vulnerability's severity makes it a likely target for attackers.
Refer to the Icegram Express website and WordPress plugin repository for the latest advisory and update information.