CVE-2024-10763 Scanner

WordPress Campress Theme is a popular theme used by educational websites for creating and managing websites with features tailored for educational purposes. It allows educational institutions to build interactive and comprehensive online learning platforms. The theme enables non-technical users to customize their educational websites easily with its various built-in tools. Widely used by schools, universities, and online course providers, it offers an array of functionalities aimed at engaging students and managing educational content. By providing compatibility with WooCommerce, it also supports selling educational materials and courses online.

The Local File Inclusion vulnerability allows attackers to include and potentially execute files from the server on the web application. This vulnerability in the WordPress Campress Theme can be exploited without authentication, making it particularly dangerous. Attackers can exploit this vulnerability to include arbitrary PHP files within the application's execution path. As a result, it can lead to remote code execution or full server compromise, endangering sensitive data and giving attackers control over the server. Once attackers gain access to sensitive files like configuration files, they can further escalate their attacks. Due to its high impact, it is rated as a critical vulnerability that needs immediate attention.

The technical details involve the exploitation of the 'campress_woocommerce_get_ajax_products' function in the theme. An attacker crafts a malicious HTTP POST request targeting 'wp-admin/admin-ajax.php' to inject harmful code. The vulnerability is further exploited by including a PHP wrapper filter to download and execute arbitrary PHP code. The 'action' parameter within the request payload is utilized to manipulate input paths and include server files. This mechanism allows attackers to convert server-side files into executable scripts, potentially resulting in full control over the server. By leveraging this local file inclusion flaw, attackers can breach system security and confidentiality.

If exploited successfully, attackers can potentially obtain sensitive information from configuration files, leading to further attacks such as credential theft and unauthorized access. The vulnerable components of the theme may allow attackers to initiate remote code execution and command likely actions on the server. This results in the compromise of data integrity and confidentiality, posing risks of unauthorized data accesses, modification, and even deletion. Attackers executing commands may install backdoors, manipulate system files, and network communications can be intercepted for malicious purposes. These scenarios can cause significant disruptions and necessitate substantial mitigation efforts to restore normal operations.

REFERENCES

• https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-themes/campress/campress-135-unauthenticated-local-file-inclusion