Platform
wordpress
Component
flashnews-fading-effect-pearlbells
Fixed version
4.1.1
CVE-2024-56012 is a Cross-Site Request Forgery (CSRF) vulnerability in the Pearlbells Flash News / Post (Responsive) & Post Title (TypeWriter) WordPress plugin (slug flashnews-fading-effect-pearlbells). It lets an attacker cause actions to be performed through an authenticated user's session without that user's knowledge. Versions up to and including 4.1 are affected; the fix ships in version 4.1.1.
CSRF works by making a victim's browser send a request the victim never intended. If the plugin's admin-side handlers (settings saves, content updates) do not verify a WordPress nonce, an attacker can host a page, or send a link, that silently submits such a request; when a logged-in administrator loads it, the browser attaches the site's authentication cookies and the handler runs with that administrator's privileges. Depending on what the unprotected handlers do, the outcome ranges from altered plugin settings to attacker-chosen content rendered on the public site. Two caveats matter when assessing impact: the attack can only do what the plugin's own unprotected handlers do, so "complete compromise" presupposes a handler powerful enough to get there (for example, one that stores unsanitised HTML that the site later renders); and whether a browser attaches cookies to a cross-site POST depends on its SameSite handling (modern browsers default to Lax, which still permits top-level GET navigations). The page rates the CVSS score CRITICAL, but the CVSS vector field below is empty, so confirm the score and vector against the vendor or NVD record before prioritising.
The vulnerability was publicly disclosed on December 16, 2024. There is no indication of active exploitation in the wild and no public Proof of Concept (PoC) code as of this writing, and it is not listed in the CISA KEV catalog. The CRITICAL rating still argues for patching promptly: a CSRF needs no credentials, only a single page visit by a privileged, logged-in user.
Exposed are WordPress sites running the plugin at version 4.1 or earlier. Risk is highest where plugin updates are not applied centrally (typical of shared hosting) and where administrators browse other sites while logged in to wp-admin, since that logged-in session is what the forged request rides on.
• wordpress (filesystem / wp-cli):
ls /var/www/html/wp-content/plugins/ | grep flashnews-fading-effect-pearlbells
wp plugin get flashnews-fading-effect-pearlbells --field=version
• generic web (works only if the plugin directory is readable over HTTP; the Stable tag line reports the installed version, and anything at or below 4.1 is affected):
curl -s https://your-wordpress-site.com/wp-content/plugins/flashnews-fading-effect-pearlbells/readme.txt | grep -i '^stable tag'
Exploitation status
EPSS
0.13% (32nd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-56012 is to upgrade the plugin to version 4.1.1 or later. If that cannot be done immediately, reduce exposure rather than trying to validate nonces at the perimeter (a WAF cannot check a WordPress nonce): a WAF or reverse-proxy rule that rejects POSTs to wp-admin/admin-post.php and wp-admin/admin-ajax.php when the Origin header is present and is not the site's own origin blocks the cross-site form submissions this attack relies on, without affecting same-origin clients or clients that send no Origin at all. Wordfence and similar plugins can apply rules of this kind. Remind administrators not to browse untrusted sites while logged in to wp-admin; this is a CSRF, not a phishing issue, so credential hygiene alone does not help. After upgrading, verify the fix by submitting the plugin's settings request from a page on another origin, without a nonce, while logged in as an administrator, and confirming that WordPress rejects it.
Update the Flash News / Post (Responsive) plugin to a version later than 4.1 (4.1.1 or newer). If an updated version is not available to you, consider disabling or removing the plugin until one is; this prevents an attacker from using the vulnerability to carry out privileged actions through a victim's session.
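The handler pattern behind this bug class and its fix, as an added example that is not code from the Pearlbells plugin or from this page: a WordPress admin-post handler that saves an option without a nonce or capability check, beside the hardened form the 4.1.1 fix would need to look like. It also shows what the post-upgrade verification in the mitigation text should observe. The hook names, option name, settings page and form field names (demo_save_news, demo_news_text, _demo_nonce, demo-news) are hypothetical; the plugin's real action names are not given on this page.

```php
<?php
/**
 * Plugin Name: CSRF demo (added example, not the Pearlbells plugin's code)
 *
 * Illustrates the bug class behind CVE-2024-56012: an admin-side settings
 * handler that trusts any authenticated browser session. All hook, option
 * and field names below are hypothetical. Drop this file into
 * wp-content/plugins/ and activate it to try both handlers.
 */

// BEFORE (deliberately vulnerable): no nonce and no capability check.
// A page on any origin that auto-submits a form to
// admin-post.php?action=demo_save_news_vulnerable with a news_text field
// will overwrite the option using the visiting administrator's session.
add_action( 'admin_post_demo_save_news_vulnerable', function () {
    update_option( 'demo_news_text', wp_unslash( $_POST['news_text'] ?? '' ) );
    wp_safe_redirect( admin_url( 'options-general.php?page=demo-news' ) );
    exit;
} );

// AFTER: the hardened equivalent.
add_action( 'admin_post_demo_save_news', function () {
    // 1. Authorization: only users allowed to manage options may save.
    //    A nonce alone is not authorization; a low-privilege user who can
    //    see the form could obtain a valid nonce for it.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.' ), '', 403 );
    }
    // 2. CSRF protection: a cross-site request cannot carry a valid nonce
    //    for this action. On failure WordPress stops here and answers
    //    HTTP 403 ("The link you followed has expired.").
    check_admin_referer( 'demo_save_news', '_demo_nonce' );
    // 3. Sanitise before storing so the value cannot carry HTML/JS.
    $text = sanitize_text_field( wp_unslash( $_POST['news_text'] ?? '' ) );
    update_option( 'demo_news_text', $text );
    wp_safe_redirect( add_query_arg( 'updated', '1', admin_url( 'options-general.php?page=demo-news' ) ) );
    exit;
} );

// The settings form that feeds the hardened handler embeds the nonce.
add_action( 'admin_menu', function () {
    add_options_page( 'Demo News', 'Demo News', 'manage_options', 'demo-news', function () {
        ?>
        <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
            <input type="hidden" name="action" value="demo_save_news">
            <?php wp_nonce_field( 'demo_save_news', '_demo_nonce' ); ?>
            <input type="text" name="news_text"
                   value="<?php echo esc_attr( get_option( 'demo_news_text', '' ) ); ?>">
            <?php submit_button( 'Save' ); ?>
        </form>
        <?php
    } );
} );
```

To reproduce the attack against the first handler, serve a page on another origin containing a form whose action is the site's admin-post.php, a hidden action field set to demo_save_news_vulnerable, a news_text field, and a script that submits it on load; visit it while logged in as an administrator and the option changes. The same page aimed at demo_save_news fails: check_admin_referer() finds no valid nonce and WordPress returns 403. That 403 (or a -1 body with status 403 from check_ajax_referer() for admin-ajax.php handlers) is what a post-upgrade check of the real plugin should look for when its settings endpoint is hit without a nonce.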
CVE-2024-56012 is a Cross-Site Request Forgery (CSRF) vulnerability, rated critical on this page, in the Pearlbells Flash News / Post (Responsive) & Post Title (TypeWriter) WordPress plugin; it allows an attacker to perform unauthorized actions through a logged-in user's session.
Yes, if you are running Pearlbells Flash News / Post (Responsive) & Post Title (TypeWriter) at version 4.1 or earlier, you are vulnerable to this CSRF attack.
Upgrade the Pearlbells Flash News / Post (Responsive) & Post Title (TypeWriter) plugin to version 4.1.1 or later to resolve the vulnerability. Consider an Origin-checking WAF rule on wp-admin POST endpoints as a temporary mitigation.
There is currently no confirmed active exploitation of CVE-2024-56012, but the CRITICAL severity warrants immediate patching.
Please refer to the Pearlbells website or WordPress plugin repository for the latest advisory and update information regarding CVE-2024-56012.