CVE-2024-9501

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Oct 26, 2024 / Updated: 24d ago

CVSS 9.8 / EPSS 0.06% / Critical

Summary

The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.0.7. This vulnerability is due to insufficient verification on the user being returned by the social login token. It allows unauthenticated attackers to log in as any existing user on the site, including administrators, if they have access to the email and the user does not have an already-existing account for the service returning the token.
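The flaw described above is a classic account-linking mistake: the callback trusts the e-mail address carried by the social login token and logs in whichever existing site user owns that address. The following Python model, added here and not the plugin's own code, puts that pattern beside a hardened version that only authenticates on a provider identity already linked to the account. The token shape (`provider`, `sub`, `email`) and the sample users are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class User:
    user_id: int
    email: str
    # provider name -> provider-side subject id already linked to this account
    linked: dict = field(default_factory=dict)

# Constructed sample site users: user 1 is an administrator who has never
# used social login, user 2 has linked one provider identity.
USERS = [
    User(1, "admin@example.test"),
    User(2, "alice@example.test", {"provider-x": "sub-alice"}),
]

def find_by_email(email):
    return next((u for u in USERS if u.email.lower() == email.lower()), None)

def vulnerable_login(token):
    """Flawed pattern described in the advisory: trust the e-mail carried by
    the social login token and log in whichever existing user owns it.
    Returns the user id that would be logged in, or None."""
    user = find_by_email(token["email"])
    return user.user_id if user else None

def hardened_login(token):
    """Authenticate only on a provider identity that is already linked to the
    account. An e-mail match on its own never logs in an existing user; that
    case is handed to a separate linking flow that must first verify the
    user with their own site password (or equivalent)."""
    provider, subject = token["provider"], token["sub"]
    for u in USERS:
        if u.linked.get(provider) == subject:
            return {"status": "ok", "user_id": u.user_id}
    if find_by_email(token["email"]) is not None:
        # Existing account with no link yet: refuse, do not auto-link by e-mail.
        return {"status": "link_required", "user_id": None}
    # No account at all: ordinary registration path, never an existing account.
    return {"status": "register", "user_id": None}
```

The `link_required` outcome is exactly the condition the advisory names (an existing user with no account for the returning service); the hardened path turns it from an automatic login into a step that needs the real account holder's credentials.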

Impact

This vulnerability has a severe impact on the security of WordPress sites using the affected plugin. Attackers can potentially gain unauthorized access to any user account, including those with administrative privileges. This could lead to complete compromise of the WordPress site, allowing attackers to modify content, install malicious plugins, access sensitive information, or perform any action available to the compromised user account. The high CVSS base score of 9.8 indicates a critical severity level, with high impacts on confidentiality, integrity, and availability of the affected system.

Exploitation

There is no evidence that a public proof-of-concept exists, and there is no evidence of exploitation in the wild at the moment.

Patch

A patch is not explicitly mentioned in the provided information. However, given that the vulnerability affects "all versions up to, and including, 3.0.7" of the Wp Social Login and Register Social Counter plugin, it is likely that a patched version higher than 3.0.7 may be available or in development. It is crucial for the security team to check for updates to this plugin and apply them as soon as they become available.

Mitigation

1. Immediately update the Wp Social Login and Register Social Counter plugin to a version higher than 3.0.7 if available.
2. If no update is available, consider temporarily disabling the plugin until a patch is released.
3. Implement additional authentication mechanisms, such as two-factor authentication, to add an extra layer of security.
4. Regularly monitor user activities, especially those with elevated privileges, to detect any suspicious logins or actions.
5. Ensure that all WordPress users have unique and strong passwords, and encourage them to create accounts for the social login services they use.
6. Consider implementing IP restrictions or other access controls for administrative accounts.
7. Keep WordPress core, all themes, and other plugins up-to-date to minimize overall vulnerability exposure.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-9501.

Oct 26, 2024 at 12:50 PM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 26, 2024 at 12:50 PM
CVE Assignment

NVD published the first details for CVE-2024-9501

Oct 26, 2024 at 1:15 PM
CVSS

A CVSS base score of 9.8 has been assigned.

Oct 26, 2024 at 1:20 PM / nvd
Threat Intelligence Report

CVE-2024-9501 is a critical authentication bypass vulnerability in the Wp Social Login and Register Social Counter plugin for WordPress, affecting all versions up to 3.0.7, with a CVSS score of 9.8. Currently, there is no evidence of exploitation in the wild or public proof-of-concept exploits, and while a patch is not explicitly mentioned, it is essential to update the plugin or disable it until a fix is available. Mitigations include implementing additional authentication mechanisms and monitoring user activities to enhance security.

Oct 26, 2024 at 8:39 PM
EPSS

EPSS Score was set to: 0.06% (Percentile: 28.5%)

Oct 27, 2024 at 11:57 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (152342)

Oct 29, 2024 at 7:53 AM

Affected Systems

Wpmet/wp_social_login_and_register_social_counter

Links to Mitre Att&cks

T1083: File and Directory Discovery

Attack Patterns

CAPEC-127: Directory Indexing


News

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 21, 2024 to October 27, 2024)
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week: WordPress Plugins with Reported Vulnerabilities Last Week
Update Sun Oct 27 14:34:00 UTC 2024
CVE Alert: CVE-2024-9501 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9501/ #OSINT #ThreatIntel #CyberSecurity #cve_2024_9501
CVE Alert: CVE-2024-9501
This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email and the user does not have an already-existing account for the service returning the token.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
