Unauthenticated Attackers Can Abuse 'file_get_contents' Function in WordPress Picture/Portfolio/Media Gallery Plugin
CVE-2024-5021
9.3 CRITICAL
Key Information:
- Vendor: WordPress
- CVE Published: 19 June 2024
What is CVE-2024-5021?
The Nimble Portfolio plugin for WordPress is susceptible to a Server-Side Request Forgery vulnerability in all versions up to and including 3.0.1. This issue arises from how the plugin utilizes the 'file_get_contents' function, allowing unauthenticated attackers to craft malicious web requests to arbitrary locations. The exploitation of this flaw can lead to unauthorized querying and modification of information from internal services, posing serious risks to the security and integrity of affected web applications.
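The following is an added example, not the plugin's code or its patch: a destination check to run before any server-side fetch with `file_get_contents`, so that a request-supplied URL cannot reach internal services. The function names, hostnames and stub resolver are assumptions constructed for illustration.

```php
<?php
// Added example; all names are hypothetical, not taken from the plugin.
// True only if $url is http(s) and every address its host resolves to is public.
// $resolver maps a hostname to a list of IPs (injectable so the demo runs offline).
function is_public_http_url(string $url, ?callable $resolver = null): bool
{
    $resolver = $resolver ?? fn(string $h) => gethostbynamel($h) ?: []; // IPv4 only
    $parts = parse_url($url);
    if (!is_array($parts) || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    // Only http/https; every other stream wrapper is refused.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    $host = trim($parts['host'], '[]'); // strip IPv6 literal brackets
    $ips = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : $resolver($host);
    if ($ips === []) {
        return false; // unresolvable host: refuse rather than guess
    }
    // Fails loopback, RFC 1918, link-local and other reserved ranges.
    $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    foreach ($ips as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
            return false;
        }
    }
    return true;
}

// Fetch only after the check. The check and the fetch resolve DNS separately,
// so egress filtering on the host is still needed as a second layer.
function fetch_checked(string $url)
{
    if (!is_public_http_url($url)) {
        return false;
    }
    // Redirects off: a 30x response could otherwise point at an internal address.
    $ctx = stream_context_create(['http' => ['follow_location' => 0, 'timeout' => 5]]);
    return file_get_contents($url, false, $ctx);
}

// Constructed sample inputs with a stub resolver (no network access needed).
$stub = fn(string $h) => ['intranet.example' => ['10.0.0.5'],
                          'cdn.example' => ['93.184.216.34']][$h] ?? [];
foreach (['https://cdn.example/a.jpg', 'http://intranet.example/admin',
          'http://127.0.0.1:8080/', 'ftp://cdn.example/a.jpg'] as $u) {
    printf("%-32s %s\n", $u, is_public_http_url($u, $stub) ? 'allow' : 'block');
}
```

Inside WordPress itself, `wp_safe_remote_get()` applies a comparable destination check and is the usual replacement for a raw `file_get_contents` on a remote URL.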
Affected Version(s)
WordPress Picture / Portfolio / Media Gallery * <= 3.0.1