Platform: wordpress
Component: wp-query-console
Fixed version: 1.0.1
CVE-2024-50498 is a Remote Code Execution (RCE) vulnerability in the WP Query Console WordPress plugin. An attacker can inject code that the plugin then executes, which can lead to full compromise of the site. Versions up to and including 1.0 are affected; the fixed version listed above is 1.0.1. If that release is not yet available to you, apply the mitigations described further down until it is.
The impact is severe. A successful exploit runs arbitrary code on the WordPress server with the privileges of the web server user, which is enough for a complete site takeover, data exfiltration, malware or webshell installation, and a foothold for lateral movement inside the network. Because the plugin's purpose is querying WordPress data, the same access also lets an attacker map the database structure and contents, which feeds further attacks. The page characterises the injection as easy, which raises the practical likelihood of exploitation.
The vulnerability was publicly disclosed on 2024-10-28. No public proof-of-concept (PoC) code had been released at the time of writing, but an RCE in a plugin with a known slug is a natural target for mass scanning. The EPSS score on this page is 91.90%, in the 100th percentile, meaning the model rates this CVE as more likely to be exploited in the wild than essentially every other scored CVE. Watch security advisories and threat intelligence feeds for reports of active exploitation.
Any site with the WP Query Console plugin installed at version 1.0 or lower is at risk. Shared hosting environments deserve extra attention: they typically offer fewer security controls to the tenant and host many sites, so a single vulnerable plugin is more likely to be present and less likely to be noticed. Sites that expose the plugin's administrative interface to untrusted users are at increased risk.
How to check whether you are affected:
• WordPress (WP-CLI or filesystem access):
wp plugin list --fields=name,status,version | grep wp-query-console
grep -rn "Version:" /var/www/html/wp-content/plugins/wp-query-console/*.php
A reported version of 1.0 or lower is affected. An installed but inactive copy should still be updated or deleted.
• Post-compromise indicator (this is not a version check): look for the obfuscated eval() calls that webshells commonly drop into plugin directories.
grep -rn "eval(base64_decode" /var/www/html/wp-content/plugins/wp-query-console/
• Generic web (no shell access): fetch the plugin's readme.txt, whose Stable tag normally matches the installed version. The X-Powered-By response header only identifies PHP and says nothing about the plugin, so it is not a useful check here. A 403 or 404 on readme.txt does not prove the plugin is absent.
curl -s https://your-wordpress-site.com/wp-content/plugins/wp-query-console/readme.txt | grep -i "Stable tag"
Disclosure: 2024-10-28
Exploitation status: not given on this page
EPSS: 91.90% (100th percentile)
CISA SSVC: not given on this page
CVSS vector: not given on this page
Until you can install the fixed version (1.0.1 per the metadata above), mitigate immediately. First, deactivate the WP Query Console plugin if you can. If it must stay active, restrict access to the plugin's administrative interface to trusted users only. Put a Web Application Firewall (WAF) in front of the site with rules that block code-injection attempts against the plugin's endpoints; treat this as a stopgap, since this page does not document the exact request the exploit uses and a rule written against a guessed endpoint can miss it. Review web server logs regularly for requests to the plugin path and for other unusual activity, and consider a security plugin that scans for and alerts on injected code.
Update the WP Query Console plugin to 1.0.1 or later; that release resolves the remote code execution vulnerability. If no fixed release is available to you, uninstall the plugin until one is published.
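The following script is an added example, not code from this advisory or from the plugin's author. It turns the detection commands above and the log-monitoring advice into repeatable POSIX sh functions: read the Version: header from the plugin's main PHP file the way WordPress does, decide whether that version falls in the affected range (older than 1.0.1, the fixed version this page lists), count webshell-style eval() indicators under the plugin directory, and count access-log requests that touch the plugin path. The plugin file name, the webshell line and the access-log lines in the demo are constructed for the example; on a real server point the functions at the live plugin directory and log.

```shell
#!/bin/sh
# Added example (not from the advisory or the plugin). Checks for CVE-2024-50498
# exposure in WP Query Console: version in affected range (< 1.0.1), webshell
# indicators in the plugin directory, and access-log hits on the plugin path.

FIXED_VERSION="1.0.1"                                 # fixed version per this page
PLUGIN_PATH="/wp-content/plugins/wp-query-console/"   # URL path the curl check above uses

# Compare two dotted versions; print -1, 0 or 1 for a<b, a=b, a>b.
# Missing components count as 0; non-numeric suffixes ("1.0-beta") are ignored.
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}; bi=${b%%.*}
        if [ "$a" = "$ai" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$bi" ]; then b=""; else b=${b#*.}; fi
        ai=${ai%%[!0-9]*}; bi=${bi%%[!0-9]*}
        ai=${ai:-0}; bi=${bi:-0}
        if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return 0; fi
        if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1; return 0; fi
    done
    printf '%s\n' 0
}

# Print the "Version:" plugin-header value from a plugin PHP file (empty if absent).
# WordPress reads plugin headers from the first 8 KiB of the file, so we do the same.
wpqc_header_version() {
    head -c 8192 "$1" \
        | sed -n 's|^[[:space:]/*#@]*Version:[[:space:]]*\([0-9][0-9A-Za-z.-]*\).*$|\1|p' \
        | head -n 1
}

# Exit 0 if VERSION is in the affected range (older than FIXED_VERSION), else 1.
wpqc_is_affected() {
    [ -n "$1" ] || return 1
    [ "$(vercmp "$1" "$FIXED_VERSION")" = "-1" ]
}

# Count lines under DIR carrying obfuscated-eval patterns typical of PHP webshells.
# This is a post-compromise indicator, not a test for the vulnerability itself.
wpqc_ioc_hits() {
    grep -rnF -e 'eval(base64_decode' -e 'eval(gzinflate' -e 'eval(str_rot13' -- "$1" \
        | wc -l | tr -d ' '
}

# Count access-log lines whose request touches the plugin path (probing or post-exploit traffic).
wpqc_log_hits() {
    grep -cF -- "$PLUGIN_PATH" "$1" || true
}

# Demonstration on a constructed plugin directory and access log, so it runs offline.
wpqc_demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/wp-query-console"
    # Constructed plugin main file: header says 1.0, plus a planted webshell-style line.
    printf '%s\n' '<?php' '/**' ' * Plugin Name: WP Query Console' ' * Version: 1.0' ' */' \
        'eval(base64_decode($_POST["c"]));' > "$tmp/wp-query-console/wp-query-console.php"
    # Constructed access-log lines: two requests to the plugin path, one unrelated.
    printf '%s\n' \
        '203.0.113.5 - - [28/Oct/2024:10:01:02 +0000] "GET /wp-content/plugins/wp-query-console/readme.txt HTTP/1.1" 200 812' \
        '203.0.113.5 - - [28/Oct/2024:10:01:03 +0000] "POST /wp-content/plugins/wp-query-console/ HTTP/1.1" 403 0' \
        '198.51.100.7 - - [28/Oct/2024:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 5120' \
        > "$tmp/access.log"

    ver=$(wpqc_header_version "$tmp/wp-query-console/wp-query-console.php")
    printf 'installed version: %s\n' "${ver:-unknown}"
    if wpqc_is_affected "$ver"; then
        printf 'AFFECTED by CVE-2024-50498: %s is older than %s\n' "$ver" "$FIXED_VERSION"
    else
        printf 'not in the affected range\n'
    fi
    printf 'webshell indicator hits: %s\n' "$(wpqc_ioc_hits "$tmp/wp-query-console")"
    printf 'access-log hits on plugin path: %s\n' "$(wpqc_log_hits "$tmp/access.log")"
    rm -rf "$tmp"
}

wpqc_demo
```

The version comparison is done numerically component by component rather than with string comparison or sort -V, so that 1.0 is correctly ranked below 1.0.1 and the script also works on busybox-only hosts. A non-zero indicator count does not by itself confirm exploitation, but any eval(base64_decode ...) inside a plugin directory warrants a forensic look before the plugin is simply updated over it.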
CVE-2024-50498 is a critical Remote Code Execution vulnerability in the WP Query Console plugin that lets an attacker execute arbitrary code on your WordPress server.
You are affected if you run WP Query Console version 1.0 or earlier. Upgrade to 1.0.1, the fixed version listed on this page, as soon as it is available to you.
Until the fixed version is installed, deactivate the plugin or restrict access to it, add WAF rules, and monitor the web server logs.
No public exploit was available at the time of writing, but the severity of the flaw and its EPSS score of 91.90% indicate it is likely to be targeted soon.
Check the WP Query Console plugin's official website or WordPress plugin repository for updates and advisories.