Overview
WordPress has released an update to address a vulnerability in their products. Users of affected versions are advised to update to the latest version.
Affected Products
CVE-2024-6220
- WordPress keydatas plugin version: ~ 2.5.2 (included)
CVE-2024-5488
- WordPress SEOPress plugin version: ~ 7.9 (excluded)
Resolved Vulnerabilities
The keydatas_downloadImages function is missing file type validation, which is vulnerable to arbitrary file upload, allowing an attacker to upload arbitrary files to the server for remote code execution (CVE-2024-6220)
Failure to properly secure some REST API paths, when combined with other object injection vulnerabilities, could allow an unauthenticated attacker to deserialize a malicious gadget chain, which could compromise the site if a valid chain exists (CVE-2024-5488)
Vulnerability Patches
Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2024-6220
- WordPress keydatas plugin version: 2.6.1
CVE-2024-5488
- WordPress SEOPress plugin version: 7.9
Referenced Sites
[1] CVE-2024-6220 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-6220
[2] 简数采集器 (Keydatas) <= 2.5.2 – Unauthenticated Arbitrary File Upload
[3] CVE-2024-5488 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-5488
[4] SEOPress < 7.9 – Unauthenticated Object Injection
https://wpscan.com/vulnerability/28507376-ded0-4e1a-b2fc-2182895aa14c/
Article Link: WordPress Plugin Security Update Advisory (CVE-2024-6220, CVE-2024-5488) – ASEC