WordPress website owners are urged to act swiftly following the disclosure of two critical vulnerabilities in widely used plugins: Really Simple Security and WPLMS Learning Management System (LMS). These flaws pose significant risks, including unauthenticated access, arbitrary file deletion, and potential site takeovers.
1. Really Simple Security Vulnerability (CVE-2024-10924)
A high-severity authentication bypass vulnerability has been discovered in the Really Simple Security plugin (formerly Really Simple SSL), affecting versions 9.0.0 to 9.1.1.1.
Details
- CVSS Score: 9.8 (Critical)
- Exploitation: Attackers can bypass authentication and gain administrative access, even when two-factor authentication (2FA) is enabled.
- Cause: Improper error handling in the "check_login_and_get_user" function.
- Risk: The flaw is scriptable, enabling large-scale automated attacks targeting over 4 million websites using the plugin.
Mitigation
The issue was responsibly disclosed on November 6, 2024, and patched in version 9.1.2. WordPress collaborated with the plugin maintainers to force-update vulnerable sites before the public announcement.
Recommended Action:
- Update the plugin to version 9.1.2 or later immediately.
- If 2FA is enabled, verify the implementation’s security.
2. WPLMS LMS Vulnerability (CVE-2024-10470)
Another critical flaw, identified in the WPLMS Learning Management System, impacts versions prior to 4.963.
Details
- CVSS Score: 9.8 (Critical)
- Exploitation: Allows unauthenticated attackers to read and delete arbitrary files, including critical site configuration files such as wp-config.php.
- Impact: Deleting wp-config.php forces the WordPress site into a setup state, potentially allowing attackers to connect the site to a malicious database for a full site takeover.
- Cause: Insufficient file path validation and permissions checks.
Mitigation
The vulnerability can be addressed by upgrading to version 4.963 or newer.
Recommended Action:
- Immediately update WPLMS LMS to the latest version.
- Regularly monitor server file permissions for unauthorized changes.
Implications of Exploitation
These vulnerabilities highlight the potential consequences of insecure plugins:
- Full Administrative Access: Enables attackers to hijack websites and install malicious software.
- Arbitrary File Manipulation: Allows for deletion of critical files, compromising the site’s integrity.
- Data Theft: Sensitive user and admin credentials can be exposed.
- Platform Abuse: Compromised sites could be weaponized for phishing, spam, or malware distribution.
How to Stay Protected
To safeguard your WordPress site:
- Keep Plugins Updated: Regularly update all plugins to their latest versions.
- Use Trusted Plugins: Avoid plugins with poor security reviews or limited support.
- Backup Regularly: Maintain off-site backups for quick recovery in case of an attack.
- Enable Monitoring: Use security plugins to detect and block suspicious activity.
- Limit Permissions: Restrict access to critical files and functions.
By taking these precautions, you can minimize the risk of exploitation and ensure the integrity of your WordPress site.