Tanzania Computer Emergency Response Team
Advisory No: TZCERT/SA/2024/07/04-1
Date of First Release: 4th July 2024
Source: Wordfence
Software Affected: wp-nested-pages, addons-for-elementor and IMGspider
Overview:
WordPress is vulnerable to four critical vulnerabilities. The attackers can leverage the vulnerabilities to take control of the affected system.
Description:
Three WordPress plugins namely wp-nested-pages, addons-for-elementor and IMGspider as affected by the vulnerabilities tracked as CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, and CVE-2024-6318 respectively. Reasons for the flaws include missing or incorrect nonce validation on the ‘settingsPage’ function and missing santization of the ‘tab’ parameter, plugin’s widgets through the ‘style’ attribute, and missing file type validation in the ‘upload’ and ‘upload_img_file’ functions in all versions up to, and including, 2.3.10. The attackers can exploit the vulnerabilities to execute remote arbitrary codes on affected system.
Impact:
Successful exploitation of these vulnerabilities may allow an attacker to take control of affected system
Solution:
WordPress has released security patches for these vulnerabilities. Users and administrators are encouraged to apply necessary updates.
References:
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-nested-pages/nested-pages-327-cross-site-request-forgery-to-local-file-inclusion
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/addons-for-elementor/elementor-addons-by-livemesh-837-authenticated-contributor-limited-local-file-inclusion-via-widgets
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/imgspider/imgspider-2310-authenticated-contributor-arbitrary-file-upload-via-upload
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/imgspider/imgspider-2310-authenticated-contributor-arbitrary-file-upload-via-upload-img-file