CVE-2024-27956: Critical SQL Injection Vulnerability in WP Automatic Plugin
Date Published: March 21, 2024
Severity: Critical (CVSS 9.9)
Affected Plugin: WP Automatic by ValvePress
Vulnerable Versions: Up to and including 3.92.0
CVE Identifier: CVE-2024-27956
Proof of Concept (PoC): https://github.com/diego-tella/CVE-2024-27956-RCE
Overview
A critical SQL Injection vulnerability, identified as CVE-2024-27956, has been discovered in the WP Automatic plugin by ValvePress. This flaw allows unauthenticated attackers to execute arbitrary SQL commands on the affected WordPress site's database, potentially leading to full site compromise. The vulnerability affects all versions of the plugin up to and including 3.92.0.
Technical Details
The vulnerability stems from improper neutralization of special elements used in SQL commands within the plugin's csv.php file. Specifically, the q parameter is insufficiently sanitized, allowing attackers to inject malicious SQL statements. By exploiting this flaw, an attacker can create new administrative user accounts, modify existing data, or execute arbitrary code on the server.
Proof of Concept
A proof of concept (PoC) demonstrating this exploit is available on GitHub:
https://github.com/diego-tella/CVE-2024-27956-RCE
The PoC outlines the steps to exploit the vulnerability by creating an administrative user account on the target WordPress site.
Impact
Exploiting this vulnerability allows attackers to:
- Create unauthorized administrative accounts.
- Modify or delete site content.
- Install malicious plugins or themes.
- Execute arbitrary code on the server.
Given the severity and ease of exploitation, immediate action is required to mitigate potential attacks.
Mitigation Steps
To protect your WordPress site from this vulnerability:
- Update the Plugin: Upgrade WP Automatic to version 3.92.1 or later, where this issue has been addressed.
- Audit User Accounts: Regularly review administrative accounts for unauthorized additions.
- Implement Web Application Firewalls (WAF): Deploy WAF rules to detect and block SQL injection attempts.
- Regular Backups: Maintain up-to-date backups to facilitate recovery in case of compromise.
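As a complement to the WAF step above, the following is an added example (not code from the plugin, the PoC, or this post's author) that reviews web-server access logs for requests to the plugin's csv.php endpoint and flags q parameters carrying SQL metacharacters. It assumes the plugin lives under wp-content/plugins/wp-automatic/ and that logs are in combined log format; the sample lines are constructed, not from a real incident.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Assumed plugin directory (slug "wp-automatic"); adjust to your install if it differs.
TARGET_PATH = "/wp-content/plugins/wp-automatic/csv.php"

# Combined log format: ip ident user [timestamp] "METHOD url PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<url>\S+) \S+" (?P<status>\d{3})'
)
# Generic SQL metacharacters and keywords; a low-noise heuristic, not a full grammar.
SQLI_RE = re.compile(r"(['\"`;]|--|/\*|\b(?:union|select|insert|update|delete|or|and)\b)", re.I)

# Constructed sample access-log lines for demonstration only.
SAMPLE_LOG = """\
203.0.113.7 - - [21/Mar/2024:10:01:02 +0000] "GET /wp-content/plugins/wp-automatic/csv.php?q=%27%20OR%201%3D1--%20 HTTP/1.1" 200 512 "-" "curl/8.4.0"
198.51.100.4 - - [21/Mar/2024:10:01:05 +0000] "GET /wp-content/plugins/wp-automatic/csv.php?q=import HTTP/1.1" 200 88 "-" "Mozilla/5.0"
192.0.2.9 - - [21/Mar/2024:10:02:11 +0000] "GET /wp-login.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.7 - - [21/Mar/2024:10:03:40 +0000] "POST /wp-content/plugins/wp-automatic/csv.php HTTP/1.1" 200 512 "-" "curl/8.4.0"
"""

def inspect_line(line):
    """Return a finding dict for a csv.php request, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["url"])
    if url.path != TARGET_PATH:
        return None
    # parse_qs decodes once; decode again to catch double-encoded payloads.
    decoded = [unquote_plus(v) for v in parse_qs(url.query).get("q", [])]
    if any(SQLI_RE.search(v) for v in decoded):
        level = "high"      # SQL metacharacters in the vulnerable parameter
    elif m["method"] == "POST":
        level = "review"    # body is not in the access log; inspect separately
    else:
        level = "low"       # endpoint hit, but the q value looks benign
    return {"ip": m["ip"], "ts": m["ts"], "method": m["method"], "q": decoded, "level": level}

def scan(log_text):
    """Scan a block of log text and return findings in log order."""
    return [r for r in (inspect_line(l) for l in log_text.splitlines()) if r]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Run it against a real log with `scan(open(path).read())` and escalate "high" findings to a full review of wp_users and recently installed plugins.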
Conclusion
CVE-2024-27956 is a critical vulnerability in the WP Automatic plugin that poses a significant risk to WordPress sites. Administrators are urged to update the plugin promptly and implement additional security measures to safeguard their installations.
Note: This blog post is based on information available as of March 21, 2024. For the latest updates and patches, refer to the official plugin repository and the provided PoC link.