CVE-2024-2340
published 2024-04-09CVE-2024-2340: The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the…
PriorityP350medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EXPLOIT
EPSS
28.00%
97.9th percentile
The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the '/wp-content/uploads/fusion-forms/' directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| theme-fusion | avada | < 7.11.7 | 7.11.7 |
| themefusion | avada_website_builder_for_wordpress_woocommerce | <= 7.11.6 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect unauthenticated HTTP GET requests to the exposed Avada fusion-forms upload directory returning HTTP 200, which may indicate directory listing or file enumeration by an attacker. ↗
- →Use the following nuclei-style detection logic: match page title containing 'Avada' and 'Index of' (directory listing indicator) alongside the keyword 'fusion', with an HTTP 200 status response on the fusion-forms path.
- ·Vulnerability only exists if the WordPress installation has directory listing enabled on the '/wp-content/uploads/fusion-forms/' path AND the Avada theme's file upload form feature has been used to collect files. ↗
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
vendor_redhat4.7MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wvrc-7835-9grj: The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7
ghsa_unreviewed·2024-04-09
CVE-2024-2340 [MEDIUM] CWE-548 GHSA-wvrc-7835-9grj: The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7
The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the '/wp-content/uploads/fusion-forms/' directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism.
Red Hat
kernel: packet: annotate data-races around ignore_outgoing
vendor_redhat·2024-04-17·CVSS 4.7
CVE-2024-26862 [MEDIUM] CWE-362 kernel: packet: annotate data-races around ignore_outgoing
kernel: packet: annotate data-races around ignore_outgoing
In the Linux kernel, the following vulnerability has been resolved:
packet: annotate data-races around ignore_outgoing
ignore_outgoing is read locklessly from dev_queue_xmit_nit()
and packet_getsockopt()
Add appropriate READ_ONCE()/WRITE_ONCE() annotations.
syzbot reported:
BUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt
write to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:
packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003
do_sock_setsockopt net/socket.c:2311 [inline]
__sys_setsockopt+0x1d8/0x250 net/socket.c:2334
__do_sys_setsockopt net/socket.c:2343 [inline]
__se_sys_setsockopt net/socket.c:2340 [inline]
__x64_sys_setsockopt+0x66/0x80 net/socket.c:2340
do_syscall_64+0xd3/0x1d0
entry_SYSCALL_64_af
No detection rules found.
Nuclei
Avada < 7.11.7 - Information Disclosure
nuclei·CVSS 5.3
CVE-2024-2340 [MEDIUM] Avada < 7.11.7 - Information Disclosure
Avada Index of [\s\S]*title>'
- 'fusion'
condition: and
- type: status
status:
- 200
# digest: 490a00463044022069db95fa06d43d541df15f0a104741a0b6c2f2e0cce2d0d99eee00525a8e9c0102200fd208e5dcc7d8777c2e7f4bec78dac9096e47e899337a2944227388b867a999:922c64590222798bb761d5b6d8e72950
No writeups or analysis indexed.
https://avada.com/documentation/avada-changelog/https://www.wordfence.com/threat-intel/vulnerabilities/id/8db8bbc3-43ca-4ef5-a44d-2987c8597961?source=cvehttps://avada.com/documentation/avada-changelog/https://www.wordfence.com/threat-intel/vulnerabilities/id/8db8bbc3-43ca-4ef5-a44d-2987c8597961?source=cve
2024-04-09
Published