CVERadar

CVE-2024-9634

Severity: Low
SVRS: 10/100
CVSSv3: NA/10
EPSS: 0.12302/1

CVE-2024-9634 is a PHP Object Injection vulnerability in the GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress, affecting all versions up to and including 3.16.3. The flaw is deserialization of untrusted input supplied in the give_company_name parameter. No CVSSv3 score is listed on this page, and SOCRadar's Vulnerability Risk Score (SVRS) is 10/100, which the platform classes as low. The technical impact is nonetheless severe: an unauthenticated attacker can submit a crafted serialized PHP object, and because a POP (property-oriented programming) chain is available, deserialization can be turned into remote code execution on the web server, leading to full site compromise, data theft or defacement. Organizations running GiveWP should update to 3.16.4 or later regardless of the low SVRS.

No tags available
2024-10-16

2024-10-16
SOCRadar
AI Insight

Description

CVE-2024-9634 is a PHP Object Injection vulnerability in the GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress, affecting all versions up to and including 3.16.3. Because the plugin deserializes untrusted input from the give_company_name parameter and a POP chain is present, unauthenticated attackers can inject PHP objects and execute arbitrary code remotely. The SVRS shown for this CVE is 10/100, which SOCRadar classes as low; that score does not reduce the technical impact, which is unauthenticated remote code execution.

Key Insights

  • Remote Code Execution: A crafted serialized object handed to the plugin's deserialization path can drive the existing POP chain to arbitrary code execution on the web server, which means full compromise of the site and anything the web server process can reach.
  • Unauthenticated Access: The vulnerable parameter is part of the public donation flow, so no account or session is needed; any visitor who can submit a donation form can attempt it.
  • Exploit Status: This page's Exploits section lists no published exploit for this CVE, so any claim of active exploitation should be treated as unconfirmed until corroborated elsewhere.
  • CISA Warning: No CISA advisory or Known Exploited Vulnerabilities entry is referenced on this page; check the KEV catalog directly rather than assuming one exists.

Mitigation Strategies

  • Update Immediately: Install the latest version of the GiveWP plugin (3.16.4 or later) to patch the vulnerability.
  • Disable the Plugin: If updating is not immediately possible, disable the GiveWP plugin to prevent exploitation.
  • Restrict Access: Network segmentation does not help a donation form that must be reachable by the public. If the update has to wait, put a virtual patch in front of the site: a WAF rule that rejects requests whose give_company_name value contains PHP serialization tokens such as O:<length>:"<class name>".
  • Monitor for Suspicious Activity: Review WAF or audit logs (web server access logs do not record POST bodies) for donation submissions whose give_company_name value is serialized PHP rather than a company name, and after any hit check for new administrator accounts, modified plugin files and unexpected PHP files under wp-content/uploads.
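The following Python is an added example, not code from GiveWP, Wordfence or SOCRadar. It serves both the mechanism in the description above and the log-review bullet: it walks PHP's serialize() grammar and reports whether a give_company_name value names a class, which is the shape an injection attempt must take for unserialize() to instantiate an attacker-chosen object and reach a POP chain. A check for a leading O: misses an object nested inside an array; a serialized string whose content merely contains O: is not an object; and a truncated probe that fails to parse is still reported by a fallback signature. The parameter name is the one from the advisory; the request bodies are constructed, and the `inspect_body` and `serialized_classes` functions are this example's own names.

```python
"""Spot serialized PHP objects in give_company_name (added example, not GiveWP code).

unserialize() on O:<len>:"<class>":<n>:{...} instantiates <class> and runs its magic
methods, which is where a POP chain starts; a leading-"O:" check misses nested objects.
"""
import re
from urllib.parse import parse_qs

PARAM = "give_company_name"
OBJECT_FRAGMENT = re.compile(r'[OC]:\d+:"')   # fallback when the value does not parse whole


class PhpSerialized:
    """Recursive-descent parser for serialize() output; records O:/C: class names."""
    def __init__(self, data):
        self.s, self.i, self.classes = data, 0, []   # latin-1 str: 1 char == 1 byte

    def _expect(self, ch):
        if self.s[self.i:self.i + 1] != ch:
            raise ValueError(f"expected {ch!r} at {self.i}")
        self.i += 1

    def _token(self, term):                 # text up to term, which is consumed
        j = self.s.index(term, self.i)      # ValueError if the terminator is missing
        tok, self.i = self.s[self.i:j], j + 1
        return tok

    def _count(self):                       # "<n>:" (PHP itself rejects negative n)
        return int(self._token(":"))

    def _blob(self, open_, close):          # <len>:<open><len raw bytes><close>
        n = self._count()
        self._expect(open_)
        raw = self.s[self.i:self.i + n]
        self.i += n
        self._expect(close)
        return raw

    def _members(self):                     # <n>:{key;value;key;value;...}
        n = self._count()
        self._expect("{")
        for _ in range(n):
            self._value()
            self._value()
        self._expect("}")

    def _value(self):
        tag, self.i = self.s[self.i:self.i + 1], self.i + 1
        if tag == "N":                      # N;
            return self._expect(";")
        self._expect(":")
        if tag in ("b", "i", "d", "r", "R"):   # b:1; i:42; d:1.5; r:3; R:3;
            float(self._token(";"))
        elif tag == "s":                    # s:<len>:"<bytes>";  content is never parsed
            self._blob('"', '"')
            self._expect(";")
        elif tag == "a":                    # a:<n>:{...}
            self._members()
        elif tag in ("O", "C"):             # O:<len>:"<class>":<n>:{...}  C:<len>:"<class>":<len>:{...}
            self.classes.append(self._blob('"', '"'))
            self._expect(":")
            self._members() if tag == "O" else self._blob("{", "}")
        else:
            raise ValueError(f"unknown tag {tag!r}")

    def parse(self):
        self._value()                       # trailing bytes are ignored, as unserialize() does
        return self.classes


def serialized_classes(text):
    """Classes named by a serialized PHP value, or None if it is not serialized PHP."""
    try:
        return PhpSerialized(text).parse()
    except (ValueError, RecursionError):
        return None


def inspect_body(body):
    """Verdict for one urlencoded form body, judged on its give_company_name value."""
    value = (parse_qs(body, keep_blank_values=True, encoding="latin-1").get(PARAM) or [""])[0]
    classes = serialized_classes(value)
    if classes is None:                     # not serialized PHP; still flag object notation
        verdict = "fragment" if OBJECT_FRAGMENT.search(value) else "clean"
    else:                                   # unserialize() would accept this value
        verdict = "object" if classes else "scalar"
    return {"verdict": verdict, "classes": classes or []}


# Constructed x-www-form-urlencoded bodies, as a WAF or ModSecurity audit log would hold.
SAMPLE_BODIES = [
    "give_first=Ada&give_company_name=Analytical+Engines+Ltd&give-amount=25",
    "give_first=Bob&give_company_name=RATIO%3A5+%22Consulting%22",               # odd but benign
    "give_company_name=O%3A8%3A%22stdClass%22%3A1%3A%7Bs%3A1%3A%22a%22%3Bs%3A1%3A%22b%22%3B%7D",
    "give_company_name=a%3A1%3A%7Bi%3A0%3BO%3A8%3A%22stdClass%22%3A0%3A%7B%7D%7D",  # nested object
    "give_company_name=s%3A4%3A%22Acme%22%3B",                                   # serialized string
    "give_company_name=O%3A8%3A%22stdClass%22%3A1%3A%7B",                        # truncated probe
]
```

Run `inspect_body` over form bodies captured by a WAF or a ModSecurity audit log, since access logs alone do not hold POST data. The six samples come back clean, clean, object, object, scalar, fragment: the fourth shows why a rule anchored on a leading O: is not enough, and the fifth shows that a serialized scalar would not instantiate anything, so it is worth logging but cannot start a POP chain. The same walker can back a virtual-patch rule that rejects any object or fragment verdict before the request reaches the plugin; escaped-string (S:) and enum (E:) tags are not implemented and are covered only by the fallback signature.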

Additional Information

  • Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as exploiting this vulnerability.
  • Exploit Status: The Exploits section of this page lists none; treat the exploit status as unknown rather than confirmed.
  • CISA Warnings: None referenced on this page.
  • In the Wild: Not corroborated by this page's IOC or Exploits sections; the EPSS of 0.12302 is the only exploitation-likelihood signal shown.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

Virtual Patches vs. Hackers: Q4 2024’s Most Exploited WordPress Threats
Edouard, 2025-02-01, webarxsecurity.com (originally published by Patchstack)
WordPress, powering over 40% of websites, is a prime target for cyberattacks. Virtual patches (vPatches) provide immediate protection against vulnerabilities in plugins and themes, ensuring site security while awaiting official fixes.

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

Reference links:
  • https://plugins.trac.wordpress.org/browser/give/tags/3.16.2/src/Donations/Repositories/DonationRepository.php?rev=3157829 (DonationRepository.php in the affected 3.16.2 release)
  • https://plugins.trac.wordpress.org/changeset/3166836/give/tags/3.16.4/includes/process-donation.php (changeset for the 3.16.4 fix)
  • https://www.wordfence.com/threat-intel/vulnerabilities/id/b8eb3aa9-fe60-48b6-aa24-7873dd68b47e?source=cve (Wordfence advisory)

CWE Details

CWE-502 (Deserialization of Untrusted Data): The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence Access: real-time CVE monitoring, exploit analysis, and threat intelligence