CVE-2020-36708 Scanner
CVE-2020-36708 Scanner - Remote Code Execution (RCE) vulnerability in WordPress Epsilon Framework Themes
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
8 days 10 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
WordPress Epsilon Framework Themes are widely utilized across various WordPress sites to enhance design and functionality. These themes are popular among web developers for their customizable features, which allow for greater flexibility in site design. They are used in websites ranging from personal blogs to corporate sites, serving diverse purposes. The ease of use and compatibility with multiple plugins make them a favorite choice for many WordPress users. However, like any software, they can become outdated, and vulnerabilities may emerge if not regularly updated. The themes are managed by Colorlib, a notable provider in the WordPress theme industry.
The Remote Code Execution (RCE) vulnerability in the WordPress Epsilon Framework Themes allows unauthenticated attackers to execute arbitrary code. This vulnerability exploits the epsilon_framework_ajax_action function, permitting attackers to call functions remotely. Such vulnerabilities can lead to complete control of the affected WordPress site. The lack of authentication required for this exploit exacerbates the risk, making it a critical concern for site administrators. Developers have since addressed this vulnerability in newer updates to the themes.
Technical analysis reveals that the vulnerability is due to a function injection flaw. Specifically, the vulnerability exists in the 'epsilon_framework_ajax_action' endpoint within the affected themes. By manipulating the 'admin-ajax.php' endpoint, attackers can bypass authentication and execute arbitrary functions. The vulnerability allows for interaction with Interactsh Server to confirm exploitation. The vulnerable parameter in this context is the 'action' parameter, which is improperly filtered in older versions of the themes.
Exploitation of this vulnerability can result in severe consequences, such as a full site compromise. Attackers could potentially gain access to sensitive data, manipulate site content, and further deploy malicious code within the site's user environment. This could damage the site's reputation, disrupt operations, and lead to data breaches. It is imperative for site administrators to promptly secure their installations to prevent such outcomes.
REFERENCES
- https://www.exploit-db.com/exploits/49327
- https://wpscan.com/vulnerability/10417
- https://wpscan.com/vulnerability/bec52a5b-c892-4763-a962-05da7100eca5
- https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/5b75c322-539d-44e9-8f26-5ff929874b67?source=cve
- https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-fixed-in-15-wordpress-themes/
- https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-in-wordpress-sparkling-theme/
