Advisory No: TZCERT/SA/2024/08/07-2
Date of First Release: 07th August 2024
Source: Wordfence
Software Affected: yayextra, blox-page-builder, horizontal-scrolling-announcements, js_composer
Overview:
Several WordPress plugins are affected by multiple critical vulnerabilities. Exploitation of these vulnerabilities may allow an unauthenticated attacker to execute arbitrary code.
Description:
The WordPress plugins yayextra, blox-page-builder, horizontal-scrolling-announcements and js_composer are affected by the vulnerabilities tracked as CVE-2024-7257, CVE-2024-6315, CVE-2023-5000 and CVE-2024-5709, with CVSS scores of 9.8, 8.8, 8.8 and 8.8 respectively:
- yayextra (CVE-2024-7257, CVSS 9.8): arbitrary file upload due to missing file type validation in the handle_upload_file function.
- blox-page-builder (CVE-2024-6315, CVSS 8.8): arbitrary file upload due to missing file type validation in the handleUploadFile function.
- horizontal-scrolling-announcements (CVE-2023-5000, CVSS 8.8): SQL injection via the plugin's 'hsas-shortcode' shortcode.
- js_composer (CVE-2024-5709, CVSS 8.8): Local File Inclusion via the 'layout_name' parameter.
Remote attackers can exploit these vulnerabilities to achieve arbitrary code execution.
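As an added illustration, not code from any plugin named in this advisory, the following hypothetical WordPress AJAX upload handler shows the file type validation whose absence in the handle_upload_file and handleUploadFile functions is described above, together with the capability and nonce checks a hardened handler should carry. The action name, nonce name and allow-list are assumptions chosen for the example.

```php
<?php
// Hypothetical hardened upload handler for a WordPress plugin (added example,
// not code from yayextra, blox-page-builder or any plugin in the advisory).
// It demonstrates the file-type validation that the advisory reports as
// missing, plus the access checks that belong in front of any upload.
require_once ABSPATH . 'wp-admin/includes/file.php';

add_action( 'wp_ajax_example_handle_upload', 'example_handle_upload' );

function example_handle_upload() {
    // 1. Only users allowed to upload files may reach this code path.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }
    // 2. Require a valid nonce so the request must originate from the plugin's UI.
    check_ajax_referer( 'example_upload_nonce', 'nonce' );

    if ( empty( $_FILES['file'] ) || ! is_uploaded_file( $_FILES['file']['tmp_name'] ) ) {
        wp_send_json_error( 'no file received', 400 );
    }
    $file = $_FILES['file'];

    // 3. Allow-list of the types this feature actually needs; anything else
    //    (php, phtml, svg, html, ...) is rejected whatever the client calls it.
    $allowed_mimes = array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'pdf'      => 'application/pdf',
    );

    // 4. Validate the extension against the real content (WordPress inspects
    //    the file itself), never the client-controlled $_FILES[...]['type'].
    $check = wp_check_filetype_and_ext( $file['tmp_name'], sanitize_file_name( $file['name'] ), $allowed_mimes );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        wp_send_json_error( 'file type not allowed', 415 );
    }

    // 5. Let WordPress move the file into the uploads directory with the same
    //    allow-list enforced again and a sanitized, unique filename.
    $result = wp_handle_upload( $file, array( 'test_form' => false, 'mimes' => $allowed_mimes ) );
    if ( isset( $result['error'] ) ) {
        wp_send_json_error( $result['error'], 400 );
    }

    wp_send_json_success( array( 'url' => esc_url_raw( $result['url'] ) ) );
}
```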
Impact:
Successful exploitation of these vulnerabilities may allow an attacker to take control of the affected system.
Solution:
Security patches addressing these vulnerabilities have been released for the affected plugins. Users and administrators are encouraged to apply the necessary updates.
References:
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/yayextra/yayextra-woocommerce-extra-product-options-137-unauthenticated-arbitrary-file-upload-via-handle-upload-file-function
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/blox-page-builder/blox-page-builder-1065-authenticated-contributor-arbitrary-file-upload
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/horizontal-scrolling-announcements/horizontal-scrolling-announcements-24-authenticated-contributor-sql-injection-via-shortcode
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/js_composer-2/wpbakery-77-authenticated-author-local-file-inclusion