CVE-2024-10392
Published 2024-10-31
Priority: P187 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ITW: VulnCheck KEV · Exploited in the wild
EPSS: 13.13% (95.9th percentile)
The AI Power: Complete AI Pack plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_image_upload' function in all versions up to, and including, 1.8.89. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| senols | ai_puffer_your_ai_engine_for_wordpress | <= 1.8.89 | — |
Detection & IOCs (extracted from sources)
- The vulnerability exists in the 'handle_image_upload' function of the AI Power: Complete AI Pack WordPress plugin, which performs no file type validation; monitor for unexpected file type uploads (e.g., PHP webshells) via this function on WordPress sites running the plugin.
- The vulnerability is exploitable by unauthenticated attackers, so monitor for file upload requests to WordPress endpoints associated with the AI Power plugin from unauthenticated sessions.
- Approximately 10,000 WordPress websites are running the vulnerable plugin; prioritize scanning and detection across WordPress environments for this plugin version.
- All versions up to and including 1.8.89 of the AI Power: Complete AI Pack WordPress plugin are vulnerable; ensure patching to a version beyond 1.8.89.
CVSS provenance
- NVD (v3.1): 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- VulnCheck: 9.8 CRITICAL
GHSA
GHSA-fjcx-qrhr-v7rr · ghsa_unreviewed · 2024-10-31 · CVE-2024-10392 [CRITICAL] · CWE-434
The AI Power: Complete AI Pack plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_image_upload' function in all versions up to, and including, 1.8.89. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
VulnCheck
AI Power: Complete AI Pack plugin for WordPress handle_image_upload Function Arbitrary File Upload Vulnerability
vulncheck · 2024 · CVE-2024-10392 [CRITICAL] · CVSS 9.8
Description: as above (identical to the NVD text).
Affected: AI Power AI Power: Complete AI Pack plugin for WordPress
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://patchstack.com/database/vulnerability/gpt3-ai-content-gener
Suricata
GPL NETBIOS RFParalyze Attempt
suricata · 2010-09-23 · CVE-2000-0347
Note: this rule is indexed here because it carries `reference:nessus,10392`; it references CVE-2000-0347, not CVE-2024-10392, and does not detect the AI Power file upload issue.
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"GPL NETBIOS RFParalyze Attempt"; flow:established,to_server; content:"BEAVIS"; content:"yep yep"; reference:bugtraq,1163; reference:cve,2000-0347; reference:nessus,10392; classtype:attempted-recon; sid:2101239; rev:11; metadata:created_at 2010_09_23, cve CVE_2000_0347, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
No public exploits indexed.
Published: 2024-10-31 · Exploited in the wild