← voltar
CVE-2024-6297

Several WordPress.org Plugins <= Various Versions - Injected Backdoor

CVSS 10 CRITICALEPSS 1.0%
Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator users and send that data back to a server. Currently, not all plugins have been patched and we strongly recommend uninstalling the plugins for the time being and running a complete malware scan.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
blazeretail · BLAZE Retail Widgetpedrogusmao02 · Wrapper Link Elementorstuartobrien · Simply Show Hooksthemerex · Contact Form 7 Multi-Step Addonwarfareplugins · Social Sharing Plugin – Social Warfare
PoCs públicas encontradas1
githubgithub.com/Sudo-WP/sudowp-hooks-visualizer2
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://plugins.trac.wordpress.org/browser/blaze-widget/trunk/blaze_widget.phphttps://plugins.trac.wordpress.org/browser/contact-form-7-multi-step-addon/trunk/trx-contact-form-7-multi-step-addon.phphttps://plugins.trac.wordpress.org/browser/simply-show-hooks/trunk/index.phphttps://plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.6.4/trunk/social-warfare.php#L54https://plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.6.4/trunk/social-warfare.php#L583https://plugins.trac.wordpress.org/browser/wrapper-link-elementor/trunk/wrapper.php?rev=3106508https://plugins.trac.wordpress.org/changeset/3105893/https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3106042%40social-warfare&new=3106042%40social-warfare&sfp_email=&sfph_mail=https://wordpress.org/support/topic/a-security-message-from-the-plugin-review-team/https://www.wordfence.com/threat-intel/vulnerabilities/id/56d24bc8-4a1a-4e60-aec5-960703a6058a?source=cve