CVE-2024-8507

Cross-Site Request Forgery (CSRF) (CWE-352)

Published: Oct 16, 2024 / Updated: 34d ago

CVSS 8.8 / EPSS 0.06% / High

Summary

The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 8.3.9. This vulnerability is due to missing or incorrect nonce validation on the 'mk_file_folder_manager' ajax action. As a result, unauthenticated attackers can potentially upload arbitrary files via a forged request if they can trick a site administrator into performing an action such as clicking on a link.

Impact

The impact of this vulnerability is severe, with a CVSS v3.1 base score of 8.8 (High). If exploited successfully, an attacker could achieve high impact on the confidentiality, integrity, and availability of the affected system. The attack vector is network-based, with low attack complexity and no privileges required; however, user interaction is required for the attack to succeed. Potential impacts include:

1. Unauthorized file uploads: Attackers could upload malicious files to the WordPress installation.
2. Remote code execution: If combined with other vulnerabilities, this could lead to executing arbitrary code on the server.
3. Website defacement: Uploading of unwanted content could alter the appearance and functionality of the website.
4. Data theft: Sensitive information could be exposed if attackers manage to upload and execute malicious scripts.
5. Further system compromise: The uploaded files could serve as a foothold for more extensive attacks on the server or network.

Exploitation

There is no evidence that a public proof-of-concept exists, and there is no evidence of exploitation in the wild at the moment.

Patch

A patch is not explicitly mentioned in the provided vulnerability data. However, given that the vulnerability affects "all versions up to, and including, 8.3.9" of the File Manager Pro plugin, it is likely that a patched version newer than 8.3.9 is available or will be released soon. The security team should check for updates to the File Manager Pro plugin and apply them as soon as they become available.

Mitigation

1. Update the File Manager Pro plugin: As soon as a patched version becomes available, update to the latest version of the plugin.
2. Implement proper CSRF protection: Ensure that all WordPress plugins, especially File Manager Pro, use proper nonce validation for all actions, particularly for the 'mk_file_folder_manager' ajax action.
3. Limit plugin usage: If possible, disable or remove the File Manager Pro plugin until a patch is available, especially on production sites.
4. User awareness training: Educate administrators and users about the risks of clicking on unknown links, especially when logged into the WordPress admin panel.
5. Implement a Web Application Firewall (WAF): Use a WAF that can detect and block CSRF attempts.
6. Regular security audits: Conduct regular security audits of your WordPress installation, focusing on plugin vulnerabilities.
7. Principle of least privilege: Ensure that user accounts have only the necessary permissions to perform their required tasks.
8. Monitor for suspicious activities: Implement logging and monitoring for unusual file uploads or changes to the website.
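The following PHP is an added illustration of mitigation item 2 and is not code from File Manager Pro or from this page. It shows a hypothetical admin-ajax upload handler registered on the 'mk_file_folder_manager' action first in the CSRF-vulnerable shape the summary describes (no nonce validation, reachable by anonymous requests), then hardened with a nonce that is minted for the logged-in administrator and verified with check_ajax_referer(), plus a capability check. The WordPress functions used are real; the handler bodies, the 'mk_ffm_*' function names, the nonce action name 'mk_ffm_upload' and the admin page hook suffix are assumptions made for this example.

```php
<?php
/**
 * Added example, not File Manager Pro's code: a hypothetical admin-ajax upload
 * handler for the 'mk_file_folder_manager' action, in vulnerable and hardened
 * form. Function names, the nonce action and the page hook are assumptions.
 */

// --- Vulnerable pattern (shown for contrast, not registered below) ---
// With no nonce check, a POST forged by another site and sent by an
// administrator's browser is indistinguishable from a legitimate request.
// Registering a wp_ajax_nopriv_ hook as well lets anonymous requests in.
function mk_ffm_upload_vulnerable() {
    $dest = WP_CONTENT_DIR . '/uploads/' . basename( $_FILES['file']['name'] );
    move_uploaded_file( $_FILES['file']['tmp_name'], $dest ); // no nonce, no capability check
    wp_send_json_success( array( 'path' => $dest ) );
}
// add_action( 'wp_ajax_mk_file_folder_manager', 'mk_ffm_upload_vulnerable' );
// add_action( 'wp_ajax_nopriv_mk_file_folder_manager', 'mk_ffm_upload_vulnerable' );

// --- Hardened pattern ---
// 1. Hand a nonce to the plugin's own admin page script. wp_create_nonce()
//    ties the value to the current user and session, so a third-party page
//    cannot obtain or guess it.
function mk_ffm_enqueue_admin_script( $hook_suffix ) {
    if ( 'toplevel_page_mk-file-manager' !== $hook_suffix ) { // page slug assumed
        return;
    }
    wp_enqueue_script( 'mk-ffm-admin', plugins_url( 'admin.js', __FILE__ ), array(), '1.0', true );
    wp_localize_script( 'mk-ffm-admin', 'mkFfm', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'mk_ffm_upload' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'mk_ffm_enqueue_admin_script' );

// 2. Verify the nonce and the caller's capability before touching the filesystem.
function mk_ffm_upload_hardened() {
    // Dies with HTTP 403 when '_ajax_nonce' is missing or was not minted for
    // this user and this action; a forged cross-site request stops here.
    check_ajax_referer( 'mk_ffm_upload', '_ajax_nonce' );

    // A nonce proves intent, not privilege: still require an admin capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'insufficient privileges' ), 403 );
    }

    if ( empty( $_FILES['file'] ) || UPLOAD_ERR_OK !== $_FILES['file']['error'] ) {
        wp_send_json_error( array( 'message' => 'no file received' ), 400 );
    }

    // Let WordPress validate the type/extension and place the file in the
    // uploads directory. test_form is false because this is an AJAX request,
    // not a classic form post carrying an 'action' field.
    require_once ABSPATH . 'wp-admin/includes/file.php';
    $result = wp_handle_upload( $_FILES['file'], array( 'test_form' => false ) );
    if ( isset( $result['error'] ) ) {
        wp_send_json_error( array( 'message' => $result['error'] ), 400 );
    }
    wp_send_json_success( array( 'url' => $result['url'] ) );
}
// Privileged hook only: no wp_ajax_nopriv_ registration, so requests from
// logged-out visitors never reach the handler at all.
add_action( 'wp_ajax_mk_file_folder_manager', 'mk_ffm_upload_hardened' );
```

The client-side admin.js (not shown) would include `mkFfm.nonce` as the `_ajax_nonce` field of its multipart POST to `mkFfm.ajaxUrl`. When reviewing a plugin for this class of bug, look for every `wp_ajax_*` handler that writes files or changes state and confirm it calls check_ajax_referer() or wp_verify_nonce() and a current_user_can() check before doing so.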

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-8507

Oct 16, 2024 at 7:15 AM
First Article

Feedly found the first article mentioning CVE-2024-8507.

Oct 16, 2024 at 7:24 AM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Oct 16, 2024 at 7:24 AM
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 16, 2024 at 7:36 AM
EPSS

EPSS Score was set to: 0.06% (Percentile: 25%)

Oct 17, 2024 at 10:04 AM

Affected Systems

Filemanagerpro/file_manager

Attack Patterns

CAPEC-111: JSON Hijacking (aka JavaScript Hijacking)

News

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 14, 2024 to October 20, 2024)
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week: WordPress Plugins with Reported Vulnerabilities Last Week
Vulnerability Summary for the Week of October 14, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info Patch Info Acespritech Solutions Pvt. Ltd.–Social Link Groups Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Acespritech Solutions Pvt. Ltd. Social Link Groups allows Blind SQL Injection.This issue affects Social Link Groups: from n/a through 1.1.0. 2024-10-20 8.5 CVE-2024-49619 audit@patchstack.com acm309–PutongOJ PutongOJ is online judging software. Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. This can lead to unauthorized access, enabling users to perform admin-level operations, potentially compromising sensitive data and system integrity. This problem has been fixed in v2.1.0.beta.1. As a workaround, one may apply the patch from commit `211dfe9` manually.
- HIGH - CVE-2024-8507 The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.3.9. This is due to missing or incorrect nonce validation on the 'mk_file_folder_manager' ajax action. This makes it possible for unauthenticated attackers to upload arbitrary files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
