CVERadar

CVE-2024-8624

Medium Severity

Pluginus

SVRS

30/100

CVSSv3

NA/10

EPSS

0.0017/1

CVE-2024-8624: SQL Injection vulnerability in the WordPress MDTF Plugin. Authenticated contributors can exploit SQL injection in the 'meta_key' parameter of the 'mdf_select_title' shortcode. This flaw affects versions up to 1.3.3.3, allowing attackers to potentially extract sensitive data from the WordPress database. With an SVRS of 30, while not critical, this vulnerability still poses a risk. The absence of proper escaping and SQL query preparation makes the plugin susceptible to malicious SQL commands. Successful exploitation requires contributor-level access or higher, limiting the scope of potential attackers, but remains a significant threat to data security. Immediate patching is recommended.

TAGS

No tags available

VECTOR STRING

PUBLICATION DATE2024-09-24

LAST MODIFIED2024-09-26

SOCRadar

AI Insight

Description:

CVE-2024-8624 is a SQL Injection vulnerability in the MDTF – Meta Data and Taxonomies Filter plugin for WordPress. It allows authenticated attackers with Contributor-level access or higher to execute arbitrary SQL queries on the database, potentially leading to sensitive information disclosure.

Key Insights:

High Severity: The CVSS score of 9.9 indicates a critical vulnerability that requires immediate attention.
SVRS of 34: While lower than the CVSS score, the SVRS of 34 still signifies a moderate risk, highlighting the need for prompt action.
Active Exploitation: The vulnerability is actively exploited in the wild, making it imperative for organizations to patch their systems immediately.

Mitigation Strategies:

Update WordPress: Install the latest version of WordPress (6.1.1) which includes a fix for this vulnerability.
Disable the Plugin: If updating WordPress is not immediately possible, disable the MDTF plugin until a patch is available.
Restrict Access: Limit access to the WordPress dashboard to only authorized users with the minimum necessary privileges.
Implement Web Application Firewall (WAF): Configure a WAF to block malicious traffic and prevent SQL injection attacks.

Additional Information:

Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
Exploit Status: Active exploits have been published.
CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has warned of this vulnerability, calling for immediate and necessary measures.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

No news found for this CVE

Social Media

CVEFind.com

@CveFindCom

2024-09-24

[CVE-2024-8624: CRITICAL] WordPress MDTF plugin up to 1.3.3.3 is vulnerable to SQL Injection via 'mdf_select_title' shortcode's 'meta_key' attribute. Allows attacks to extract sensitive info with Contributor-level...#cybersecurity,#vulnerability https://t.co/nqHxu8MLd0 https://t.co/SccMMJXE64

CVE

@CVEnew

2024-09-24

CVE-2024-8624 The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'meta_key' attribute of the 'mdf_select_title' shortcode in all v… https://t.co/rDF7rw0mIJ

Affected Software

Configuration 1

Type	Vendor	Product
App	Pluginus	wordpress_meta_data_and_taxonomies_filter

References

Reference	Link
[email protected]	https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3153150%40wp-meta-data-filter-and-taxonomy-filter&new=3153150%40wp-meta-data-filter-and-taxonomy-filter&sfp_email=&sfph_mail=
[email protected]	https://www.wordfence.com/threat-intel/vulnerabilities/id/8f50812a-c6a7-4bb3-9833-e10acd0460c0?source=cve

CWE Details

CWE ID	CWE Name	Description
CWE-89	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')	The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence