Three Critical Vulnerabilities in WordPress (CVE-2024-9634, CVE-2024-9893, CVE-2024-9105)

Published On: Oct 16, 2024 23:28

Advisory No: TZCERT-SA-24-0034

Source: Wordfence

Software Affected: give, nextend-social-login-pro, Ultimate_AI

Overview

Three WordPress plugins are affected by critical vulnerabilities. Exploitation of these vulnerabilities may allow an unauthenticated attacker to execute code remotely or retrieve sensitive data.

Description

The WordPress plugins give, nextend-social-login-pro, and Ultimate_AI are affected by the vulnerabilities tracked as CVE-2024-9634, CVE-2024-9893, and CVE-2024-9105, respectively, each with a CVSS score of 9.8. The causes are deserialization of untrusted input from the give_company_name parameter, insufficient verification of the user returned by the social login token, and insufficient verification of the user supplied in the 'ultimate_ai_register_or_login_with_google' function. The vulnerabilities allow unauthenticated attackers to achieve remote code execution and to log in as any existing user on the site, such as an administrator, if they have access to the email.
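As an added example (not part of the advisory and not code from any of the plugins), the following Python check shows how a defender could review captured form-encoded POST bodies for PHP serialized data in the give_company_name parameter named above. The regular expressions, function names and sample request bodies are constructed for illustration.

```python
from __future__ import annotations

import re
from urllib.parse import parse_qsl, unquote

# PHP serialize() object header: O:<len>:"<Class>":<props>:{  (C: is the custom form)
PHP_OBJECT = re.compile(r'\b[OC]:\+?\d+:"[A-Za-z_\\][\w\\]*":\d+:\{')
# Serialized array header, which can wrap nested objects: a:<count>:{
PHP_ARRAY = re.compile(r'\ba:\d+:\{')

WATCHED_PARAM = "give_company_name"  # parameter named in the advisory


def classify_value(value: str) -> str | None:
    """Return 'object', 'array' or None for one decoded parameter value."""
    # Check the value as received and once more URL-decoded (double encoding).
    for candidate in (value, unquote(value)):
        if PHP_OBJECT.search(candidate):
            return "object"
        if PHP_ARRAY.search(candidate):
            return "array"
    return None


def scan_form_body(body: str, param: str = WATCHED_PARAM) -> list[tuple[str, str]]:
    """Scan an application/x-www-form-urlencoded body; return (kind, value) hits."""
    hits = []
    for name, value in parse_qsl(body, keep_blank_values=True):
        if name == param:
            kind = classify_value(value)
            if kind:
                hits.append((kind, value))
    return hits


# Constructed sample request bodies (not taken from real traffic).
SAMPLES = [
    "give_first=Asha&give_company_name=Acme+Ltd",
    "give_company_name=O%3A8%3A%22stdClass%22%3A0%3A%7B%7D",
    "give_company_name=a%253A1%253A%257Bi%253A0%253Bs%253A1%253A%2522x%2522%253B%257D",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(scan_form_body(body) or "clean", "<-", body)
```

A hit only indicates that serialized PHP data was submitted in a field that should hold a plain company name; it does not by itself show that the site was compromised.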

Impact

Successful exploitation of these vulnerabilities may allow attackers to take control of the affected system.

Solution

WordPress has released security patches for these vulnerabilities. Users and administrators are encouraged to apply the necessary updates.
