CVE-2024-9105

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Oct 16, 2024 / Updated: 35d ago

CVSS 9.8 / EPSS 0.09% / Critical

Summary

The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. The vulnerability is due to insufficient verification of the user identity supplied to the 'ultimate_ai_register_or_login_with_google' function. As a result, unauthenticated attackers can log in as any existing user on the site, including administrators, if they know (or can obtain) that user's email address.
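The bug class the summary describes, shown as an added illustration rather than the UltimateAI plugin's own code: a "login with Google" handler that trusts a client-supplied email address, next to a hardened handler that only accepts a Google ID token, verifies it server-side (issuer, audience, expiry, email_verified) and derives the email from the verified token. Every function name, the `hypothetical_google_client_id` option, the request parameters and the AJAX action name are assumptions; only the WordPress API calls and Google's `tokeninfo` endpoint are real.

```php
<?php
/**
 * Added illustration (not the UltimateAI plugin's code): the class of bug the
 * advisory describes, and a hardened variant. Function names, the option key
 * holding the Google client ID and the request parameters are assumptions.
 */

// VULNERABLE PATTERN: the identity used for login comes straight from the
// request. Anyone who knows an administrator's e-mail address can send it and
// receive that administrator's session cookie. No Google token is ever checked.
function hypothetical_login_with_google_vulnerable() {
    $email = sanitize_email( wp_unslash( $_POST['email'] ?? '' ) );
    $user  = get_user_by( 'email', $email );
    if ( ! $user ) {
        wp_send_json_error( 'no such user' );
    }
    // Logging in here is the bug: nothing proved the caller controls $email.
    wp_set_current_user( $user->ID );
    wp_set_auth_cookie( $user->ID, true );
    do_action( 'wp_login', $user->user_login, $user );
    wp_send_json_success();
}

// HARDENED PATTERN: accept only a Google ID token, verify it server-side, and
// derive the e-mail from the verified token rather than from the request.
function hypothetical_login_with_google_hardened() {
    $id_token = sanitize_text_field( wp_unslash( $_POST['id_token'] ?? '' ) );
    if ( '' === $id_token ) {
        wp_send_json_error( 'missing id_token', 400 );
    }

    $claims = hypothetical_verify_google_id_token( $id_token );
    if ( is_wp_error( $claims ) ) {
        wp_send_json_error( $claims->get_error_message(), 401 );
    }

    $user = get_user_by( 'email', $claims['email'] );
    if ( ! $user ) {
        wp_send_json_error( 'no such user', 404 );
    }
    wp_set_current_user( $user->ID );
    wp_set_auth_cookie( $user->ID, true );
    do_action( 'wp_login', $user->user_login, $user );
    wp_send_json_success();
}

/**
 * Verify a Google ID token via Google's tokeninfo endpoint and check the
 * claims a relying party must check: issuer, audience (this site's OAuth
 * client ID), expiry, and that Google has verified the e-mail. Returns the
 * claims array or a WP_Error. (A production implementation can instead
 * validate the JWT signature locally against Google's published JWKS; the
 * claim checks are the same.)
 */
function hypothetical_verify_google_id_token( $id_token ) {
    // Assumption: the site's Google OAuth client ID is stored in this option.
    $client_id = get_option( 'hypothetical_google_client_id' );
    if ( empty( $client_id ) ) {
        return new WP_Error( 'config', 'Google client ID not configured' );
    }

    $response = wp_remote_get(
        'https://oauth2.googleapis.com/tokeninfo?id_token=' . rawurlencode( $id_token ),
        array( 'timeout' => 10 )
    );
    if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) {
        return new WP_Error( 'token', 'ID token rejected by Google' );
    }

    $claims = json_decode( wp_remote_retrieve_body( $response ), true );
    if ( ! is_array( $claims ) ) {
        return new WP_Error( 'token', 'malformed tokeninfo response' );
    }

    $valid_issuers = array( 'accounts.google.com', 'https://accounts.google.com' );
    if ( ! in_array( $claims['iss'] ?? '', $valid_issuers, true ) ) {
        return new WP_Error( 'token', 'unexpected issuer' );
    }
    // The audience check is what stops a token minted for some other app from
    // logging into this site.
    if ( ! hash_equals( (string) $client_id, (string) ( $claims['aud'] ?? '' ) ) ) {
        return new WP_Error( 'token', 'token not issued for this site' );
    }
    if ( (int) ( $claims['exp'] ?? 0 ) <= time() ) {
        return new WP_Error( 'token', 'token expired' );
    }
    // tokeninfo returns booleans as strings.
    if ( ( $claims['email_verified'] ?? 'false' ) !== 'true' || empty( $claims['email'] ) ) {
        return new WP_Error( 'token', 'e-mail not verified by Google' );
    }
    return $claims;
}

// Assumption: the handler is exposed to unauthenticated callers through
// admin-ajax.php under this (hypothetical) action name.
add_action( 'wp_ajax_nopriv_hypothetical_google_login', 'hypothetical_login_with_google_hardened' );
```

The point of the hardened variant is that the only thing the client may assert is a token that a third party (Google) signed for this site's client ID; the email used for the user lookup never comes from the request. Verifying the signature without also checking `aud` would still let a token issued to any other Google OAuth client log in here.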

Impact

This vulnerability allows unauthenticated attackers to bypass authentication and gain unauthorized access to WordPress sites using the UltimateAI plugin. The potential impacts include:

1. Unauthorized admin access: attackers could log in as administrators, gaining full control over the WordPress site.
2. Data breach: with admin-level access, attackers could steal sensitive information, including user data and confidential content.
3. Site manipulation: attackers could modify site content, install malicious plugins, or deface the website.
4. Further exploitation: the compromised site could be used as a launching point for attacks on other systems or to distribute malware.

Given the CVSS base score of 9.8, this vulnerability is considered critical and could lead to a complete compromise of the affected WordPress sites.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the moment.

Patch

A patch is not explicitly mentioned in the provided information. Since the vulnerability affects versions up to and including 2.8.3 of the UltimateAI plugin, a patched version (2.8.4 or higher) has likely been or will be released. Website administrators should check for updates to the UltimateAI plugin and apply them as soon as they become available.

Mitigation

To mitigate this vulnerability, consider the following recommendations:

1. Update the UltimateAI plugin: if an updated version is available, upgrade immediately to the latest version (higher than 2.8.3).
2. Disable the plugin: if an update is not yet available, consider disabling the UltimateAI plugin until a patch is released.
3. Monitor user activity: implement robust logging and monitoring to detect any suspicious login attempts or unauthorized access.
4. Implement additional authentication measures: consider using multi-factor authentication (MFA) for admin accounts to add an extra layer of security.
5. Restrict access to the WordPress admin area: use IP allowlisting or VPN access for administrative functions if possible.
6. Regular security audits: conduct frequent security assessments of your WordPress installation and all installed plugins.
7. Back up regularly: ensure you have up-to-date backups of your WordPress site in case of a compromise.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-9105.

Oct 16, 2024 at 2:14 AM / CVE
CVE Assignment

NVD published the first details for CVE-2024-9105

Oct 16, 2024 at 2:15 AM
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 16, 2024 at 2:16 AM
CVSS

A CVSS base score of 9.8 has been assigned.

Oct 16, 2024 at 2:20 AM / nvd
EPSS

EPSS Score was set to: 0.09% (Percentile: 39.8%)

Oct 16, 2024 at 9:57 AM

Affected Systems

Wordpress/wordpress

Links to MITRE ATT&CK

T1083: File and Directory Discovery

Attack Patterns

CAPEC-127: Directory Indexing

News

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 14, 2024 to October 20, 2024)
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week: WordPress Plugins with Reported Vulnerabilities Last Week
Three Critical Vulnerabilities in WordPress (CVE-2024-9634, CVE-2024-9893, CVE-2024-9105)
WordPress is vulnerable to three critical vulnerabilities . Exploitation of these vulnerabilities may allow an unauthenticated attacker to execute ...
Critical - CVE-2024-9105 - The UltimateAI plugin for WordPress is...
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. This is due to insufficient verification on the user being supplied in the...
CVE-2024-9105
Severity 3.1 (CVSS 3.1 Base Score)
CVE-2024-9105
Critical Severity Description The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. This is due to insufficient verification on the user being supplied in the 'ultimate_ai_register_or_login_with_google' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. Read more at https://www.tenable.com/cve/CVE-2024-9105

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

