CVE-2024-8252 Scanner

The WordPress Clean Login plugin is widely used by website administrators who wish to provide a user-friendly login interface on their WordPress sites. Developed by Codection, Clean Login offers features such as login, registration, and password recovery integrated into the WordPress environment. This plugin is particularly popular among bloggers, small business websites, and online communities. Its functionality and ease of use make it a sought-after addition to customize login pages. However, like any plugin, it requires regular updates to maintain security. It is used by people looking for simple deployment without additional technical overhead.

Local File Inclusion (LFI) is a vulnerability that allows an attacker to include files, usually remotely, that are primarily accessible via the web server. The Clean Login plugin up to version 1.14.5 is susceptible to LFI due to improper sanitization of input associated with template file inclusion. Exploiting this vulnerability, attackers with authenticated access can navigate to restricted local files. Such vulnerabilities can lead to significant security risks including exposure of sensitive files and execution of arbitrary code if not addressed promptly. It is crucial for systems using vulnerable versions of the plugin to mitigate risks associated with LFI.

The vulnerability resides in the 'template' attribute of the 'clean-login-register' shortcode within the Clean Login plugin. Authenticated users, specifically those with contributor access or higher, use this endpoint to include unintended files. The 'template' attribute does not adequately filter or escape path traversal sequences, enabling the LFI attack vector. Attackers can craft requests that point to critical system files, potentially leading to unauthorized code execution. Regular expressions and status checks in HTTP response are typically used in scans to confirm the presence of this vulnerability. Timely detection and remediation are crucial to prevent exploitation.

Exploitation of the Local File Inclusion vulnerability in the Clean Login plugin could lead to severe consequences. Malicious exploits may gain unauthorized access to sensitive user data, manipulate or destroy files, and in worst-case scenarios, obtain control over the web server hosting the vulnerable WordPress site. This can lead to site defacement, data theft, or the planting of backdoors for persistent access. Furthermore, compromised files and injected code can damage the server's integrity, disrupt services, and potentially spread across the network affecting other connected devices. Mitigating such risks entails prompt patching and enhancing access controls.

REFERENCES

• https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/clean-login/clean-login-1145-authenticated-contributor-local-file-inclusion
• https://plugins.trac.wordpress.org/changeset/3143241/clean-login