CVE-2023-5815 Scanner
CVE-2023-5815 Scanner - Local File Inclusion (LFI) vulnerability in News & Blog Designer Pack - WordPress Plugin
Short Info
Level
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 10 days 7 hours
Scan only one: Domain, Subdomain, IPv4
The News & Blog Designer Pack is a WordPress plugin used by website administrators to enhance and manage blog designs efficiently. This plugin is commonly used by bloggers, small businesses, and content creators to create visually appealing post layouts without requiring coding skills. It provides a user-friendly interface that integrates seamlessly with WordPress, offering customization options for bloggers to tailor their site's appearance. The plugin supports various design templates, making it versatile for different thematic requirements. Being popular for enhancing blog presentations, the plugin aids in boosting user engagement through attractive blog displays. Overall, it serves as a valuable tool for WordPress sites aiming to improve their blog design and functionality.
The Local File Inclusion (LFI) vulnerability in the News & Blog Designer Pack WordPress Plugin is a security flaw allowing unauthorized users to include files from the server in the web application. This vulnerability can lead to severe security risks, including the potential for remote code execution, enabling attackers to take over a site. It requires an AJAX request with certain crafted POST parameters to exploit the vulnerability. Unauthenticated attackers can leverage this weakness to execute arbitrary PHP files on the vulnerable site. Consequently, this vulnerability poses a significant risk, potentially compromising the confidentiality, integrity, and availability of the affected website. The issue primarily resides in inadequate input validation within the plugin's design functions.
The vulnerability is present in the 'bdp_get_more_post' function, where insufficient validation allows attackers to manipulate the 'shrt_param[design]' parameter. By crafting a malicious AJAX POST request to 'admin-ajax.php', attackers can include files such as 'wp-login', potentially gaining unauthorized access. Because the endpoint processes these crafted parameters without sanitizing them, a remote attacker can cause sensitive files on the server to be included. This flaw is particularly dangerous because the improper file handling lets attackers execute PHP code and provides a pathway to bypass access controls. The lack of secure coding practices in handling this parameter leaves the plugin exposed to manipulation attempts by malicious actors.
Exploiting the Local File Inclusion vulnerability in this plugin could lead to dire consequences, including a full compromise of the affected WordPress site. Attackers could execute arbitrary PHP scripts, enabling them to control the site or extract sensitive information. This could result in data breaches, defacement, or service disruptions, adversely affecting site users and administrators. Additionally, such exploitation risks the site's reputation and its users' trust, potentially leading to financial and reputational loss. Moreover, attackers could maintain persistent access, further risking the integrity and confidentiality of data stored on the compromised server. Prompt remediation measures should be taken to mitigate these potential threats and safeguard the website from unauthorized exploitation.
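A defender-side check for the request shape described above, as an added example (not the scanner's or the plugin's own code): it classifies POST bodies sent to admin-ajax.php by comparing 'shrt_param[design]' against an allowlist. The function name `classify`, the allowlist entries and the sample requests are assumptions constructed for illustration; fill the allowlist from the design templates shipped with your installed plugin version.

```python
from urllib.parse import parse_qsl, urlsplit

# Assumption: placeholder design names. Populate from the template files
# shipped with the plugin version you actually run.
ALLOWED_DESIGNS = {"design-1", "design-2"}
PARAM = "shrt_param[design]"          # parameter named in the text above
PATH_CHARS = ("/", "\\", "..", "\x00", "://")


def classify(method: str, url: str, body: str,
             allowed: frozenset = frozenset(ALLOWED_DESIGNS)) -> str:
    """Return 'ignore', 'allow', 'not-allowlisted' or 'path-chars'."""
    if method.upper() != "POST":
        return "ignore"
    # endswith() also covers WordPress installed in a subdirectory.
    if not urlsplit(url).path.endswith("/wp-admin/admin-ajax.php"):
        return "ignore"
    # parse_qsl percent-decodes names and values once, so the encoded
    # form shrt_param%5Bdesign%5D is matched as well.
    values = [v for k, v in parse_qsl(body, keep_blank_values=True)
              if k == PARAM]
    if not values:
        return "ignore"
    verdict = "allow"
    for value in values:               # repeated keys: inspect every copy
        if any(token in value for token in PATH_CHARS):
            return "path-chars"
        if value not in allowed:
            verdict = "not-allowlisted"
    return verdict


# Constructed sample requests (method, URL, urlencoded body).
SAMPLES = [
    ("POST", "/wp-admin/admin-ajax.php", "action=x&shrt_param%5Bdesign%5D=design-1"),
    ("POST", "/wp-admin/admin-ajax.php", "action=x&shrt_param[design]=wp-login"),
    ("POST", "/blog/wp-admin/admin-ajax.php?x=1",
     "shrt_param[design]=design-1&shrt_param[design]=x%2Fy"),
    ("GET", "/wp-admin/admin-ajax.php", ""),
]

if __name__ == "__main__":
    for method, url, body in SAMPLES:
        print(f"{classify(method, url, body):16} {body}")
```

A plain character filter would pass a value like 'wp-login', which is why the check compares against known design names instead of only rejecting path characters.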