CVE-2024-13609 Scanner
CVE-2024-13609 Scanner - Information Disclosure vulnerability in WordPress 1 Click Migration Plugin
Short Info
Single Scan
Can be used by: Asset Owner
Estimated Time: 1 minute
Time Interval: 18 days 11 hours
Scan only one: URL
The 1 Click WordPress Migration Plugin is widely used by website administrators for migrating WordPress sites between servers. It is a powerful tool intended to simplify the otherwise complicated migration process. By offering a largely automated approach, users can save time and reduce the chances of errors during site transfers. This plugin is especially popular among users needing temporary trials or testing environments. Administrators use the plugin to create backups, ensuring data is not lost during server transfers or upgrades. The plugin's functionality is meant to streamline data migration processes while maintaining the integrity of the site.
The vulnerability affecting the 1 Click WordPress Migration Plugin allows sensitive information to be exposed. Specifically, this information could include usernames and password hashes, which can be compromised during the active backup process. Such vulnerabilities are particularly dangerous because they can be exploited by unauthenticated users, which broadens the attack surface. Once attackers gain access to this sensitive data, the risk of account takeover increases significantly. Ensuring the safe transfer and storage of data is vital to maintaining site security. This vulnerability demonstrates the risk of leaving sensitive data inadequately protected during backup processes.
The vulnerability is present in the class-ocm-backup.php file, where sensitive data such as usernames and corresponding password hashes can be exposed. The attack vector allows unauthorized access to the plugin's backup SQL files. Exploitation involves requesting the path `{{BaseURL}}/wp-content/tmp/db/{{table}}.sql`, where `{{table}}` is a table name such as wp_users or wp_usermeta. The vulnerability arises because the plugin briefly exposes these files during an active backup process. Attackers can use HTTP GET requests to enumerate and extract sensitive information. The flaw is the inadequate restriction of access to these temporary files during the backup process.
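For site owners reviewing whether these temporary dumps were requested, the following added example (not part of the scanner or the plugin) scans web server access logs for requests to the `/wp-content/tmp/db/{{table}}.sql` path and separates probes from dumps that were actually served. It assumes Combined Log Format; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined Log Format: ip - user [time] "METHOD path PROTO" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)')
# Path named on this page; also matches WordPress installed in a subdirectory.
DUMP_RE = re.compile(r'/wp-content/tmp/db/(?P<table>[^/?#]+)\.sql(?:[?#]|$)', re.I)
# wp_users / wp_usermeta, whatever table prefix the site uses (assumption).
CREDENTIAL_SUFFIXES = ("users", "usermeta")

def find_dump_requests(lines):
    """Return one finding per request that targeted a temporary backup dump."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        hit = DUMP_RE.search(m["path"]) if m else None
        if not hit:
            continue  # unparsable line or unrelated request
        table = hit["table"].lower()
        size = 0 if m["size"] == "-" else int(m["size"])
        findings.append({
            "ip": m["ip"], "time": m["ts"], "table": table,
            "status": int(m["status"]),
            # 200/206 with a body means dump content reached the client
            "served": m["status"] in ("200", "206") and size > 0,
            "credential_table": table.endswith(CREDENTIAL_SUFFIXES),
        })
    return findings

def summarize(findings):
    """Group by client IP: tables probed versus tables actually served."""
    out = defaultdict(lambda: {"probed": set(), "served": set()})
    for f in findings:
        out[f["ip"]]["probed"].add(f["table"])
        if f["served"]:
            out[f["ip"]]["served"].add(f["table"])
    return dict(out)

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Feb/2025:10:01:02 +0000] "GET /wp-content/tmp/db/wp_users.sql HTTP/1.1" 200 48213 "-" "curl/8.5.0"',
    '198.51.100.7 - - [12/Feb/2025:10:01:03 +0000] "GET /wp-content/tmp/db/wp_usermeta.sql HTTP/1.1" 404 162 "-" "curl/8.5.0"',
    '192.0.2.10 - - [12/Feb/2025:10:02:00 +0000] "GET /wp-login.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [12/Feb/2025:10:03:00 +0000] "GET /blog/wp-content/tmp/db/wp_posts.sql?x=1 HTTP/1.1" 403 0 "-" "-"',
]

if __name__ == "__main__":
    for ip, seen in summarize(find_dump_requests(SAMPLE_LOG)).items():
        print(ip, "probed:", sorted(seen["probed"]), "served:", sorted(seen["served"]))
```

A finding with `served` and `credential_table` both true means password hashes should be treated as disclosed and the affected accounts' passwords reset.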
If exploited, this vulnerability poses significant risks, including unauthorized account access. Such access could lead to data breaches and compromised user information. Attackers could escalate privileges on the affected site, launch further attacks, or deploy malicious code that compromises site integrity. This could also lead to a loss of trust from users, affecting the site's reputation. In the worst case, an attacker could take over the entire site, resulting in significant disruption or financial loss. Because this vulnerability allows the extraction of sensitive information, prompt remediation is crucial to prevent further malicious exploitation.