CVERadar

CVE-2024-1538

Medium Severity

SVRS

36/100

CVSSv3

NA/10

EPSS

0.00781/1

CVE-2024-1538 is a Cross-Site Request Forgery (CSRF) vulnerability found in the File Manager plugin for WordPress, affecting versions up to 7.2.4. This vulnerability allows unauthenticated attackers to potentially achieve Remote Code Execution (RCE). The flaw stems from missing or inadequate nonce validation on the 'wp_file_manager' page, specifically when including files through the 'lang' parameter. While the CVSS score is 0, the SOCRadar Vulnerability Risk Score (SVRS) of 36, combined with the "In The Wild" tag, indicates a need for awareness and monitoring. Although a score of 36 is not critical, the active exploitation of this vulnerability highlights the importance of promptly updating to version 7.2.5 or later to mitigate the security risk. This vulnerability is significant because it can lead to complete compromise of the WordPress site if an administrator is tricked into clicking a malicious link, emphasizing the importance of user awareness and vigilance.

TAGS

In The Wild

VECTOR STRING

PUBLICATION DATE2024-03-21

LAST MODIFIED2024-03-21

SOCRadar

AI Insight

Description

CVE-2024-1538 is a Cross-Site Request Forgery (CSRF) vulnerability in the File Manager plugin for WordPress versions up to 7.2.4. It allows unauthenticated attackers to include local JavaScript files that can be used to achieve Remote Code Execution (RCE) by tricking a site administrator into clicking on a malicious link.

Key Insights

High Severity: The CVSS score of 8.8 indicates a high severity vulnerability.
SVRS of 30: The SOCRadar Vulnerability Risk Score (SVRS) of 30 suggests a moderate risk, indicating that the vulnerability is not as critical as those with SVRS scores above 80.
Exploited in the Wild: This vulnerability is actively exploited by hackers, making it crucial to take immediate action.

Mitigation Strategies

Update the File Manager plugin to version 7.2.5 or later.
Implement CSRF protection measures on the affected website.
Educate site administrators about the risks of CSRF attacks and how to avoid them.
Monitor the website for suspicious activity and take appropriate action if necessary.

Additional Information

Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has not issued a warning for this vulnerability.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

1st April – Threat Intelligence Report - Check Point Research

2024-04-01

1st April – Threat Intelligence Report - Check Point Research | News Content: For the latest discoveries in cyber research for the week of 1st April, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES The US and UK governments have announced a criminal indictment and sanctions against APT31, a group of Chinese hackers, for their role in allegedly conducting attacks against companies in the US, as well as government officials in the UK. Check Point has shared its insights on the event and referenced a past report about APT31, including a deep dive into how the group used zero-day vulnerabilities

news

google.com

rss

forum

1st April – Threat Intelligence Report - Check Point Research - Check Point Research

2024-04-01

1st April – Threat Intelligence Report - Check Point Research - Check Point Research | News Content: For the latest discoveries in cyber research for the week of 1st April, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES The US and UK governments have announced a criminal indictment and sanctions against APT31, a group of Chinese hackers, for their role in allegedly conducting attacks against companies in the US, as well as government officials in the UK. Check Point has shared its insights on the event and referenced a past report about APT31, including a deep dive into how the group used

google.com

rss

forum

news

CVE-2024-1538 | File Manager Plugin up to 7.2.4 on WordPress JS File cross-site request forgery (ID 3051451)

vuldb.com2024-05-03

CVE-2024-1538 | File Manager Plugin up to 7.2.4 on WordPress JS File cross-site request forgery (ID 3051451) | A vulnerability, which was classified as problematic, was found in File Manager Plugin up to 7.2.4 on WordPress. This affects an unknown part of the component JS File Handler. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-1538</a

cve-2024-1538

domains

urls

cves

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

Reference	Link
[email protected]	https://plugins.trac.wordpress.org/changeset/3051451/wp-file-manager
[email protected]	https://www.wordfence.com/threat-intel/vulnerabilities/id/57cc15a6-2cf5-481f-bb81-ada48aa74009?source=cve

CWE Details

No CWE details found for this CVE

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence