Lucene search

WordfenceVULNRICHMENT:CVE-2024-5503

HistoryJun 21, 2024 - 2:05 a.m.

CVE-2024-5503 WP Blog Post Layouts <= 1.1.3 - Authenticated (Contributor+) Local File Inlcusion

2024-06-2102:05:41

Wordfence

github.com

wordpress

local file inclusion

authenticated

contributor

php code execution

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0.001

Percentile

37.0%

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

The WP Blog Post Layouts plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.3. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:codevibrant:wp_blogpost_layouts:1.1.3:*:*:*:*:*:*:*"
    ],
    "vendor": "codevibrant",
    "product": "wp_blogpost_layouts",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.1.3"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

plugins.trac.wordpress.org/browser/wp-blog-post-layouts/trunk/includes/gutenberg.php#L883

plugins.trac.wordpress.org/browser/wp-blog-post-layouts/trunk/includes/gutenberg.php#L900

plugins.trac.wordpress.org/browser/wp-blog-post-layouts/trunk/includes/gutenberg.php#L917

plugins.trac.wordpress.org/browser/wp-blog-post-layouts/trunk/includes/src/grid/element.php#L1146

plugins.trac.wordpress.org/browser/wp-blog-post-layouts/trunk/includes/src/list/element.php#L1136

plugins.trac.wordpress.org/browser/wp-blog-post-layouts/trunk/includes/src/masonry/element.php#L1134

www.wordfence.com/threat-intel/vulnerabilities/id/5205cc95-06d1-4bc6-a9ea-082df9566935?source=cve

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0.001

Percentile

37.0%

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Related for VULNRICHMENT:CVE-2024-5503