Back

CVE-2024-6297

June 25, 2024, 12:24 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

WordPress plugins hosted on WordPress.org

Source

security@wordfence.com

Tags

security@wordfence.com
2024-06-25
CVE-2024-6297

CVE-2024-6297 details

Published : June 25, 2024, 4:15 a.m.
Last Modified : June 25, 2024, 12:24 p.m.

Description

Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator users and send that data back to a server. Currently, not all plugins have been patched and we strongly recommend uninstalling the plugins for the time being and running a complete malware scan.

CVSS Score

1 2 3 4 5 6 7 8 9 10.0

Weakness

Weakness Name Description

CVSS Data

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

10.0

Exploitability Score

3.9

Impact Score

6.0

Base Severity

CRITICAL

Vector String : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References

URL Source
https://plugins.trac.wordpress.org/browser/blaze-widget/trunk/blaze_widget.php security@wordfence.com
https://plugins.trac.wordpress.org/browser/contact-form-7-multi-step-addon/trunk/trx-contact-form-7-multi-step-addon.php security@wordfence.com
https://plugins.trac.wordpress.org/browser/simply-show-hooks/trunk/index.php security@wordfence.com
https://plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.6.4/trunk/social-warfare.php#L54 security@wordfence.com
https://plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.6.4/trunk/social-warfare.php#L583 security@wordfence.com
https://plugins.trac.wordpress.org/browser/wrapper-link-elementor/trunk/wrapper.php?rev=3106508 security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3105893/ security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3106042%40social-warfare&new=3106042%40social-warfare&sfp_email=&sfph_mail= security@wordfence.com
https://wordpress.org/support/topic/a-security-message-from-the-plugin-review-team/ security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/56d24bc8-4a1a-4e60-aec5-960703a6058a?source=cve security@wordfence.com
This website uses the NVD API, but is not approved or certified by it.