
Multiple critical vulnerabilities in WordPress (CVE-2024-7257, CVE-2024-6315, CVE-2023-5000, CVE-2024-5709)

Advisory No: TZCERT/SA/2024/08/07-2

Date of First Release: 07th August 2024

Source: Wordfence

Software Affected: yayextra, blox-page-builder, horizontal-scrolling-announcements, js_composer

Overview:

WordPress is vulnerable to multiple critical vulnerabilities. Exploitation of these vulnerabilities may allow an unauthenticated attacker to execute arbitrary code.

Description:

The WordPress plugins yayextra, blox-page-builder, horizontal-scrolling-announcements and js_composer are affected by the vulnerabilities tracked as CVE-2024-7257, CVE-2024-6315, CVE-2023-5000 and CVE-2024-5709, with CVSS scores of 9.8, 8.8, 8.8 and 8.8 respectively. In the same order, the plugins are vulnerable to arbitrary file upload due to missing file type validation in the 'handle_upload_file' function, arbitrary file upload due to missing file type validation in the 'handleUploadFile' function, SQL Injection via the plugin's 'hsas-shortcode' shortcode, and Local File Inclusion via the 'layout_name' parameter. Remote attackers can exploit these vulnerabilities to achieve arbitrary code execution.
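Two of the bug classes named above, missing file type validation in an upload handler and a template include driven by a request parameter, are shown here in hardened form. This is an added illustration written for this advisory, not code from any of the affected plugins; the function names secure_handle_upload_file and secure_render_layout, the image-only MIME list and the layout allowlist are assumptions.

```php
<?php
// Added example for this advisory (not code from the affected plugins):
// hardened counterparts of an upload handler and a parameter-driven include.

// Upload handler: only callers with the upload capability, only an
// allowlist of image types, and the extension must match the content.
function secure_handle_upload_file( array $file ) {
    if ( ! current_user_can( 'upload_files' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient capability.' );
    }
    // Assumed allowlist; narrower than the site-wide get_allowed_mime_types().
    $allowed = array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'gif'      => 'image/gif',
    );
    $check = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $allowed );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        return new WP_Error( 'bad_type', 'File type not allowed.' );
    }
    // Let WordPress move the file and re-run its own type checks with the
    // same restricted list instead of an ad-hoc move_uploaded_file().
    $overrides = array( 'test_form' => false, 'mimes' => $allowed );
    $result    = wp_handle_upload( $file, $overrides );
    return isset( $result['error'] ) ? new WP_Error( 'upload_failed', $result['error'] ) : $result;
}

// Template include: the request parameter selects a key in a fixed map;
// the parameter value itself never becomes part of a filesystem path.
function secure_render_layout( $layout_name ) {
    $layouts = array(                       // assumed allowlist
        'default' => 'templates/default.php',
        'grid'    => 'templates/grid.php',
    );
    $key = sanitize_key( (string) $layout_name );
    if ( ! isset( $layouts[ $key ] ) ) {
        $key = 'default';
    }
    $path = plugin_dir_path( __FILE__ ) . $layouts[ $key ];
    // Defence in depth: confirm the resolved path is still inside the plugin.
    $base = realpath( plugin_dir_path( __FILE__ ) );
    $real = realpath( $path );
    if ( false === $real || 0 !== strpos( $real, $base ) ) {
        return '';
    }
    ob_start();
    include $real;
    return ob_get_clean();
}
```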

Impact:

Successful exploitation of these vulnerabilities may allow an attacker to take control of the affected system.

Solution:

WordPress has released security patches for these vulnerabilities. Users and administrators are encouraged to apply the necessary updates.

References:

  1. https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/yayextra/yayextra-woocommerce-extra-product-options-137-unauthenticated-arbitrary-file-upload-via-handle-upload-file-function
  2. https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/blox-page-builder/blox-page-builder-1065-authenticated-contributor-arbitrary-file-upload
  3. https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/horizontal-scrolling-announcements/horizontal-scrolling-announcements-24-authenticated-contributor-sql-injection-via-shortcode
  4. https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/js_composer-2/wpbakery-77-authenticated-author-local-file-inclusion
