CVE-2024-6555 Scanner
CVE-2024-6555 Scanner - Information Disclosure vulnerability in WP Popups - WordPress Popup builder plugin
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
24 days 3 hours
Scan only one
URL
Toolbox
WP Popups is a widely utilized plugin for creating popups on WordPress websites. Its user-friendly interface allows website administrators to design and manage popups efficiently. The plugin is often used by marketing teams to engage visitors through newsletters or promotional content. Developers also integrate this plugin to enhance user interaction on the site. It is compatible with a range of WordPress themes and is supported by a vast WordPress community. In summary, WP Popups is a versatile tool aimed at improving user engagement and boosting content visibility.
Information disclosure vulnerabilities occur when applications unintentionally reveal sensitive data. In the case of WP Popups, a specific vulnerability was identified that enables unauthorized users to gain access to server file paths. This flaw can be exploited without requiring authentication or any specific conditions. It becomes a stepping stone for attackers aiming to plan more sophisticated attacks on susceptible systems. Such vulnerabilities are critical as they expose internal architecture details inadvertently. Consequently, early detection and patching are necessary to prevent exploitation.
The vulnerability in WP Popups resides in using an unprotected endpoint that results in full path disclosure. When a specific endpoint is accessed, the server inadvertently leaks server path information. The vulnerable endpoint is located at `/wp-content/plugins/wp-popups-lite/src/vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php`. There are no restrictions to access this endpoint, making it an easy target for automated scans. Using the endpoint, attackers can fetch a JSON file revealing server paths. Regular updates and secured coding practices can mitigate such vulnerabilities.
Potential exploitation of this vulnerability can lead to attackers gaining insights into the server's directory structure. With knowledge of server paths, attackers can escalate their attacks, possibly leading to directory traversal or other exploitation tactics. An informed attacker, equipped with such information, may target specific files or directories furthering information leakage. In worst-case scenarios, subsequent exploits may result in data breaches. Securing and consistently patching plugins remains crucial to protecting sensitive data.
REFERENCES
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-popups-lite/wp-popups-wordpress-popup-builder-2201-unauthenticated-full-path-disclosure
- https://nvd.nist.gov/vuln/detail/CVE-2024-6555
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3115849%40wp-popups-lite&new=3115849%40wp-popups-lite&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/578892f2-9841-4493-8445-61b79feb4764?source=cve
