CVE-2024-5147 — AI Deep Analysis Summary

🚨 **Essence**: Local File Inclusion (LFI) in WPZOOM Addons for Elementor. 📉 **Consequences**: Full system compromise. Attackers can read/write files, leading to total server takeover. 💀 Impact is Critical (CVSS High).

🛡️ **Root Cause**: CWE-22 (Path Traversal). 🐛 **Flaw**: The plugin fails to sanitize file paths in AJAX requests.…

👥 **Affected**: WordPress sites using **WPZOOM Addons for Elementor**. 📦 **Version**: 1.1.37 and **earlier** versions. 🏢 **Vendor**: wpzoom. ⚠️ Check your plugin version immediately!

💻 **Privileges**: Unauthenticated access (No login needed). 📄 **Data**: High Confidentiality, Integrity, and Availability impact. 📂 Hackers can read sensitive config files, inject malware, or execute code.…

📉 **Threshold**: **LOW**. 🚫 **Auth**: None required (PR:N). 🌐 **Network**: Remote (AV:N). 🤝 **UI**: None required (UI:N). 🚀 Extremely easy to exploit for anyone with internet access.

📜 **Public Exp?**: Yes, detailed in references. 🔍 **PoC**: Specific file paths (`wpzoom-elementor-ajax-posts-grid.php`) are exposed in WordPress Trac. 🌍 **Wild Exp**: Likely active given the low barrier.…

🔍 **Self-Check**: Scan for `WPZOOM Addons for Elementor` plugin. 📊 **Version Check**: Is version ≤ 1.1.37? 🛠️ **Code Audit**: Look for unsanitized input in `includes/wpzoom-elementor-ajax-posts-grid.php`.…

🛠️ **Fixed?**: Yes. 📅 **Patch Date**: Published 2024-05-22. 🔄 **Action**: Update to the latest version immediately. 📝 Reference: WordPress Trac changeset 3090236 fixes the issue. 🏁 Patch is available.

🚧 **No Patch?**: Disable the plugin instantly. 🚫 **Block**: Restrict access to `wp-admin` or AJAX endpoints. 🛡️ **WAF**: Block requests containing `../` in AJAX parameters. 🧹 Remove the plugin if not essential.…

🔥 **Urgency**: **CRITICAL**. 🚨 **Priority**: Patch NOW. ⚡ **Reason**: Unauthenticated, Remote, High Impact. 📉 **Risk**: Immediate compromise likely. 🏃‍♂️ Do not wait. Update or disable today.