CVE-2024-54385 Scanner

The Radio Player plugin for WordPress is widely used to integrate live audio streams such as Shoutcast and Icecast into websites. It is designed for web administrators and developers aiming to deliver a seamless audio experience to users. With features like customizable players and broad compatibility, this plugin simplifies the process of embedding live streams on WordPress sites.

The vulnerability detected is a Server-Side Request Forgery (SSRF). This flaw allows attackers to manipulate the web server to make unauthorized requests to arbitrary locations. Exploiting this vulnerability can lead to querying and modifying sensitive data from internal services.

The technical details of this vulnerability involve a vulnerable endpoint that processes unauthenticated requests. The "radio_player_get_stream_data" action parameter, combined with a crafted URL, enables attackers to trigger unauthorized requests via server-side communication. The affected parameters include nonce and url fields in HTTP POST requests.

Exploitation of this vulnerability can lead to sensitive data leakage, manipulation of internal services, and potential pivoting into more critical systems. Malicious users could misuse it for reconnaissance or privilege escalation.

REFERENCES

• https://patchstack.com/database/wordpress/plugin/radio-player/vulnerability/wordpress-radio-player-plugin-2-0-82-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
• https://github.com/RandomRobbieBF/CVE-2024-54385
• https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/radio-player/radio-player-2082-unauthenticated-server-side-request-forgery
• https://nvd.nist.gov/vuln/detail/CVE-2024-54385