WordPress Plugin Security Update Advisory (CVE-2024-6220, CVE-2024-5488)

Overview

 

WordPress has released an update to address a vulnerability in their products. Users of affected versions are advised to update to the latest version.

 

 

Affected Products

 

CVE-2024-6220

  • WordPress keydatas plugin version: ~ 2.5.2 (included)

 

CVE-2024-5488
 

  • WordPress SEOPress plugin version: ~ 7.9 (excluded)

 

Resolved Vulnerabilities

 

The keydatas_downloadImages function is missing file type validation, which is vulnerable to arbitrary file upload, allowing an attacker to upload arbitrary files to the server for remote code execution (CVE-2024-6220)

Failure to properly secure some REST API paths, when combined with other object injection vulnerabilities, could allow an unauthenticated attacker to deserialize a malicious gadget chain, which could compromise the site if a valid chain exists (CVE-2024-5488)

 

Vulnerability Patches

 

Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2024-6220

  • WordPress keydatas plugin version: 2.6.1

 

CVE-2024-5488

  • WordPress SEOPress plugin version: 7.9

 

 

Referenced Sites

 

[1] CVE-2024-6220 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-6220

[2] 简数采集器 (Keydatas) <= 2.5.2 – Unauthenticated Arbitrary File Upload

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/keydatas/keydatas-252-unauthenticated-arbitrary-file-upload

[3] CVE-2024-5488 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-5488

[4] SEOPress < 7.9 – Unauthenticated Object Injection

https://wpscan.com/vulnerability/28507376-ded0-4e1a-b2fc-2182895aa14c/

Article Link: WordPress Plugin Security Update Advisory (CVE-2024-6220, CVE-2024-5488) – ASEC