CVE-2024-10871

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') (CWE-98)

Published: Nov 9, 2024 / Updated: 10d ago

CVSS 9.8 / EPSS 0.06% / Critical

Summary

The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This vulnerability allows unauthenticated attackers to include and execute arbitrary files on the server, enabling the execution of any PHP code in those files.

Impact

This vulnerability can lead to severe consequences, including bypassing access controls, obtaining sensitive data, or achieving code execution. Attackers can potentially execute arbitrary PHP code on the server, which could result in complete compromise of the affected WordPress installation. The vulnerability has a CVSS v3.1 base score of 9.8 (Critical). The impact on confidentiality, integrity, and availability is each rated HIGH, meaning a successful exploit can fully compromise all three.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence that it has been exploited in the wild at the moment.

Patch

As of the vulnerability report, there is no mention of an available patch. The latest affected version is 2.8.2 of the Category Ajax Filter plugin for WordPress.

Mitigation

Given the critical nature of this vulnerability and the lack of a mentioned patch, immediate mitigation steps should be taken:

1. Disable or remove the Category Ajax Filter plugin from all WordPress installations until a patched version is available.
2. Implement strong input validation and sanitization for all user-supplied input, especially for the 'params[caf-post-layout]' parameter.
3. Apply the principle of least privilege to WordPress file and directory permissions.
4. Monitor for any suspicious activities or unauthorized file accesses on affected WordPress installations.
5. Implement web application firewalls (WAF) to help detect and block potential Local File Inclusion attempts.
6. Regularly check for updates to the plugin and apply them as soon as they become available.

Given the high severity (CVSS score 9.8), this vulnerability should be given top priority for remediation efforts.
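As an added illustration of mitigation step 2 (hypothetical code, not the plugin's own, which this page does not show), the following PHP contrasts the include pattern CWE-98 describes with a hardened version that maps the 'params[caf-post-layout]' value through a fixed allowlist and a realpath containment check; the directory layout and the layout names are assumptions.

```php
<?php
// Hypothetical illustration of CWE-98 hardening; not the Category Ajax Filter code.
// Assumes layout templates live under templates/layouts/ next to this file.

// UNSAFE pattern (for contrast only): the request value becomes part of the include path,
// so any readable .php file on the server can be selected.
// function caf_render_layout_unsafe(array $params): void {
//     include __DIR__ . '/templates/layouts/' . $params['caf-post-layout'] . '.php';
// }

const CAF_LAYOUT_DIR = __DIR__ . '/templates/layouts';
const CAF_ALLOWED_LAYOUTS = ['grid', 'list', 'masonry']; // assumed layout names
const CAF_DEFAULT_LAYOUT = 'grid';

function caf_resolve_layout_file(string $requested): ?string {
    // 1. Only an exact match against the allowlist is accepted; the untrusted
    //    string itself never reaches the filesystem.
    if (!in_array($requested, CAF_ALLOWED_LAYOUTS, true)) {
        return null;
    }
    // 2. Defence in depth: resolve both paths and require the file to sit inside
    //    the layout directory, so a symlink or later allowlist mistake cannot escape it.
    $base = realpath(CAF_LAYOUT_DIR);
    $file = realpath(CAF_LAYOUT_DIR . '/' . $requested . '.php');
    if ($base === false || $file === false) {
        return null;
    }
    if (strncmp($file, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $file;
}

function caf_render_layout(array $params): void {
    $requested = isset($params['caf-post-layout']) ? (string) $params['caf-post-layout'] : CAF_DEFAULT_LAYOUT;
    $file = caf_resolve_layout_file($requested);
    if ($file === null) {
        // Unknown or tampered value: fall back to the default instead of using the input.
        $file = caf_resolve_layout_file(CAF_DEFAULT_LAYOUT);
    }
    if ($file !== null) {
        include $file;
    }
}
```

The allowlist alone closes the inclusion; the realpath check is there so the control does not depend on every future edit to the allowlist being correct.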

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-10871

Nov 9, 2024 at 8:15 AM
CVSS

A CVSS base score of 9.8 has been assigned.

Nov 9, 2024 at 8:20 AM / nvd
First Article

Feedly found the first article mentioning CVE-2024-10871.

Nov 9, 2024 at 8:24 AM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Nov 9, 2024 at 8:24 AM
EPSS

EPSS Score was set to: 0.06% (Percentile: 28.7%)

Nov 10, 2024 at 10:23 AM

Affected Systems

Wordpress/wordpress

Attack Patterns

CAPEC-193: PHP Remote File Inclusion

News

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 4, 2024 to November 10, 2024)
Critical - CVE-2024-10871 - The Category Ajax Filter plugin for WordPress...
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This makes it...
CVE-2024-10871
This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where files with a .php extension can be uploaded and included. Severity 3.1 (CVSS 3.1 Base Score)
CVE-2024-10871 - Category Ajax Filter Multiple Vulnerabilities through Local File Inclusion
CVE ID: CVE-2024-10871. Published: Nov. 9, 2024, 8:15 a.m. Description: The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where files with a .php extension can be uploaded and included. Severity:
Category Ajax Filter <= 2.8.2 - Unauthenticated Local File Inclusion
Trustyplugins - CRITICAL - CVE-2024-10871 The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where files with a .php extension can be uploaded and included.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
