Platform: wordpress
Component: paid-member-subscriptions
Fixed version: 2.13.8
CVE-2024-12919 represents a critical Authentication Bypass vulnerability affecting the Paid Membership Subscriptions plugin for WordPress. An attacker can leverage a valid payment ID to gain unauthorized access and impersonate any user on the affected site. This vulnerability impacts versions up to and including 2.13.7. A patch is available from the vendor.
This vulnerability allows unauthenticated attackers to bypass the authentication process entirely. By exploiting the pms_pb_payment_redirect_link function with a known payment ID, an attacker can effectively log in as any user who has previously made a purchase on the WordPress site. This grants them full access to the impersonated user's account, including sensitive data, administrative privileges (if the user has them), and the ability to perform actions on behalf of that user. The potential impact includes data breaches, unauthorized modifications to content, and complete compromise of the WordPress site's user accounts.
This vulnerability has been publicly disclosed and assigned a CVSS score of 9.8 (CRITICAL). While no active exploitation campaigns have been publicly confirmed, the ease of exploitation and the high potential impact make it a high-priority vulnerability. It is likely to be targeted by malicious actors. The CVE was published on 2025-01-14.
WordPress sites utilizing the Paid Membership Subscriptions plugin, particularly those with e-commerce functionality or subscription models, are at significant risk. Shared hosting environments where plugin updates are managed by the hosting provider are also at increased risk due to potential delays in patching.
• wordpress / composer / npm:
  grep -r 'pms_pb_payment_redirect_link' /var/www/html/wp-content/plugins/paid-member-subscriptions/
• wordpress / composer / npm:
  wp plugin list --status=active | grep 'paid-member-subscriptions'
• wordpress / composer / npm:
  wp plugin update --all
• generic web:
  Check for the existence of the /wp-content/plugins/paid-member-subscriptions/ directory.
Exploitation status: disclosure
EPSS: 0.11% (30th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation is to immediately upgrade the Paid Membership Subscriptions plugin to a version higher than 2.13.7, as the vendor has released a patch to address this vulnerability. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing a temporary workaround by restricting access to the pms_pb_payment_redirect_link endpoint. This could involve implementing stricter input validation or requiring additional authentication steps for users accessing this functionality. After upgrading, verify the fix by attempting to access a user account using a known payment ID without proper authentication; access should be denied.
Update the Paid Membership Subscriptions plugin to the latest available version. The vulnerability exists in versions prior to 2.13.8. The update fixes the authentication failure.
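As an added check for the upgrade guidance above (not code from the advisory or the plugin vendor), this POSIX shell script classifies an installed version against the 2.13.8 fix using version ordering rather than string comparison, so a later release such as 2.13.10 is not misreported as affected. It assumes GNU `sort -V` and, for the live check only, WP-CLI (`wp`) on PATH run from the WordPress root; the slug paid-member-subscriptions is the component name given in this record.

```shell
#!/bin/sh
# Added example, not code from the advisory or the plugin vendor. Classifies a
# Paid Member Subscriptions version against the fixed release 2.13.8 using true
# version ordering (sort -V, GNU coreutils), so 2.13.10 is not mistaken for
# "older than 2.13.8" the way a plain string comparison would.
PMS_SLUG="paid-member-subscriptions"   # plugin directory name from the record
PMS_FIXED_VERSION="2.13.8"

# version_lt A B: succeeds when A is strictly older than B.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# pms_is_vulnerable VERSION: succeeds when VERSION is affected (2.13.7 or older).
pms_is_vulnerable() {
    version_lt "$1" "$PMS_FIXED_VERSION"
}

# pms_installed_version: read the installed version with WP-CLI. Assumes `wp`
# is on PATH and the current directory is the WordPress root; prints nothing
# when the plugin is not installed.
pms_installed_version() {
    wp plugin get "$PMS_SLUG" --field=version 2>/dev/null
}

# pms_report VERSION: print a verdict for one version string; returns 1 when
# the version is affected so the script can be used in automation.
pms_report() {
    if pms_is_vulnerable "$1"; then
        echo "VULNERABLE: $PMS_SLUG $1 is below $PMS_FIXED_VERSION (CVE-2024-12919)"
        return 1
    fi
    echo "OK: $PMS_SLUG $1 is at or above $PMS_FIXED_VERSION"
}

# Live check, only when WP-CLI is available; skipped otherwise.
if command -v wp >/dev/null 2>&1; then
    v=$(pms_installed_version)
    if [ -n "$v" ]; then
        pms_report "$v"
    else
        echo "$PMS_SLUG is not installed"
    fi
fi
```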
CVE-2024-12919 is a critical vulnerability in the Paid Membership Subscriptions plugin for WordPress that allows attackers to bypass authentication using a valid payment ID.
You are affected if you are using the Paid Membership Subscriptions plugin at version 2.13.7 or earlier. Upgrade immediately.
Upgrade the Paid Membership Subscriptions plugin to a version higher than 2.13.7. If upgrading is not possible, implement temporary workarounds like restricting access to the vulnerable endpoint.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation suggest it is likely to be targeted.
Refer to the official Paid Membership Subscriptions plugin website or WordPress.org plugin repository for the latest advisory and patch information.