WordPress Plugin Vulnerabilities - 20240626003

LSerki · Jun 26, 2024 · 0ee9136 · 0ee9136
1 parent 881b4bf
commit 0ee9136
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/docs/advisories/20240626003-WordPress-Plugin-Vulnerabilities.md b/docs/advisories/20240626003-WordPress-Plugin-Vulnerabilities.md
@@ -0,0 +1,17 @@
+# WordPress Plugin Vulnerabilities - 20240626003
+
+## Overview
+
+Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator users and send that data back to a server.
+
+## What is vulnerable?
+
+| Products Affected.  | CVE                                                               | CVSS | Severity     |
+| ------------------- | ----------------------------------------------------------------- | ---- | ------------ |
+| **[List of Affected Products](https://www.cve.org/CVERecord?id=CVE-2024-6297)** | [CVE-2024-6297](https://www.cve.org/CVERecord?id=CVE-2024-6297) | 10  | **Critical** |
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer [Patch Management](../guidelines/patch-management.md)):
+
+- https://www.wordfence.com/threat-intel/vulnerabilities/detail/several-wordpressorg-plugins-various-versions-injected-backdoor