CVE-2024-9893

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Oct 16, 2024 / Updated: 34d ago

CVSS 9.8 / EPSS 0.06% / Critical

Summary

The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.1.14. The vulnerability is caused by insufficient verification of the user identified by the social login token: the plugin matches the identity returned by the provider to a local account without adequately confirming that the account belongs to the person presenting the token. As a result, unauthenticated attackers can potentially log in as any existing user on the site, including administrators, if they have access to the user's email and that user has not already linked an account with the provider that returned the token.
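The following is an added, illustrative model of the CWE-288 pattern the summary describes: a social login callback that falls back to matching the token's e-mail claim against local accounts, and the stricter alternative that only honours a previously established provider link. It is not Nextend Social Login's code; the user table, provider names, token fields and helper names are assumptions made for the example. Whether a provider's verified-email claim may be trusted for automatic matching is a policy question the advisory does not address, so the hardened variant takes the strict route and requires explicit linking from an already authenticated session.

```python
"""
Illustrative model of an e-mail-based account-matching bug in a social login
callback (the CWE-288 pattern in the summary).  Added example, NOT the
plugin's code; the user table, providers and helper names are assumptions.
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class User:
    user_id: int
    email: str
    role: str
    # provider name -> provider subject id ("sub") already linked to this account
    links: dict = field(default_factory=dict)


@dataclass
class Token:
    """Identity claims a plugin receives after exchanging the provider code."""
    provider: str
    sub: str
    email: str


def sample_users() -> dict:
    """Constructed sample user table (no real site data)."""
    return {
        1: User(1, "admin@example.test", "administrator"),
        2: User(2, "editor@example.test", "editor", {"google": "g-1234"}),
    }


def find_by_link(users: dict, provider: str, sub: str) -> Optional[User]:
    """Look up the account bound to a (provider, sub) pair, if any."""
    return next((u for u in users.values() if u.links.get(provider) == sub), None)


def find_by_email(users: dict, email: str) -> Optional[User]:
    """Look up an account by e-mail address (case-insensitive)."""
    return next((u for u in users.values() if u.email.lower() == email.lower()), None)


def vulnerable_login(users: dict, token: Token) -> Optional[User]:
    """Flawed flow: when no account is linked to (provider, sub), fall back to the
    token's e-mail claim, silently bind the presented provider identity to the
    matching local user, and log them in.  The only thing that stops it is an
    existing link for the same provider, which is exactly the precondition the
    advisory describes."""
    user = find_by_link(users, token.provider, token.sub)
    if user is not None:
        return user
    user = find_by_email(users, token.email)
    if user is None:
        return None  # registration via social login is disabled in this model
    if token.provider in user.links:
        return None  # account already linked to a different identity at this provider
    user.links[token.provider] = token.sub  # attacker's sub is now bound to the victim
    return user


def hardened_login(users: dict, token: Token) -> Optional[User]:
    """Only a previously established (provider, sub) link authenticates.  An
    unlinked identity is never matched by e-mail; the user has to link the
    provider first (see link_provider) while logged in with normal credentials."""
    return find_by_link(users, token.provider, token.sub)


def link_provider(users: dict, authenticated_user_id: int, token: Token) -> None:
    """Linking step of the hardened flow.  Assumed to run only inside a session
    the user already authenticated with their normal credentials; it refuses to
    bind a provider identity that is already linked to another account."""
    if find_by_link(users, token.provider, token.sub) is not None:
        raise ValueError("provider identity already linked to another account")
    users[authenticated_user_id].links[token.provider] = token.sub


if __name__ == "__main__":
    # Constructed attacker token: a freshly created provider account whose
    # e-mail claim is set to the administrator's address.
    attacker = Token("facebook", "fb-attacker-001", "admin@example.test")
    print("vulnerable flow:", vulnerable_login(sample_users(), attacker))
    print("hardened flow:  ", hardened_login(sample_users(), attacker))
```

Run as a script, the vulnerable flow returns the administrator account for the attacker's token while the hardened flow returns nothing. The practical takeaway for mitigation is the same as the advisory's: an account with a link already in place for a provider is not matched by e-mail, so linking every enabled provider to privileged accounts closes the window until the plugin is updated.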

Impact

This vulnerability allows unauthenticated attackers to bypass authentication and gain unauthorized access to WordPress sites running the affected plugin. The impact is severe: an attacker who can log in as an existing user can modify content, install malicious plugins, access sensitive information, or perform any other action available to that account. Because administrator accounts can be targeted, the attacker could gain full control over the WordPress installation.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the moment.

Patch

The provided information does not name a fixed version. Since the vulnerability affects all versions up to and including 3.1.14 of the Nextend Social Login Pro plugin, a patched release (3.1.15 or higher) is likely available or forthcoming. Check the plugin for updates and apply them as soon as they are released.

Mitigation

1. Update the Nextend Social Login Pro plugin to a version higher than 3.1.14 as soon as a patched release is available.
2. Until then, temporarily disable the Nextend Social Login Pro plugin.
3. Require additional authentication factors for critical accounts, especially administrator accounts.
4. Monitor login activity closely, particularly social logins to administrative accounts.
5. Ensure that all users, especially those with elevated privileges, have linked their accounts with every social login provider enabled in the plugin, since the bypass applies only where no such link exists yet.
6. Regularly audit user accounts and remove unnecessary privileges.
7. Implement network segmentation and access controls to limit the impact of a compromised account.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-9893

Oct 16, 2024 at 2:15 PM
CVSS

A CVSS base score of 9.8 has been assigned.

Oct 16, 2024 at 2:21 PM / nvd
First Article

Feedly found the first article mentioning CVE-2024-9893.

Oct 16, 2024 at 2:21 PM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 16, 2024 at 2:21 PM
EPSS

EPSS Score was set to: 0.06% (Percentile: 28.4%)

Oct 17, 2024 at 10:04 AM

Affected Systems

Wordpress/wordpress

Links to MITRE ATT&CK

T1083: File and Directory Discovery

Attack Patterns

CAPEC-127: Directory Indexing

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
