CVE-2024-4898
Published 2024-06-12
Priority P185 · critical · 9.8 (CVSS 3.1)
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ITW EXPLOIT · VulnCheck KEV · Initial access
Exploited in the wild
EPSS: 4.16% (89.6th percentile)
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to missing authorization checks on the REST API calls in all versions up to, and including, 0.1.0.38. This makes it possible for unauthenticated attackers to connect the site to the InstaWP API, edit arbitrary site options and create administrator accounts.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| instawp | instawp_connect | < 0.1.0.39 | 0.1.0.39 |
| instawp | instawp_connect_1-click_wp_staging_migration | <= 0.1.0.38 | — |
Detection & IOCs (extracted from sources)
- Detect unauthenticated POST requests to the InstaWP Connect REST API endpoint /wp-json/instawp-connect/v1/config. No Authorization header is required; the attacker supplies an api_key in the JSON body to connect the site and create admin users.
- A successful exploitation response contains all three JSON fields: '"status":true', '"connect_id":', and '"message":"Connected"' with HTTP 200. Alert on this combination in web application logs.
- Presence of the plugin path /wp-content/plugins/instawp-connect/ in HTTP responses can be used to fingerprint vulnerable WordPress installations for targeted scanning.
- The vulnerability resides in the REST API handler class; review or monitor class-instawp-rest-api.php around line 926 for missing authorization logic.
- The Nuclei PoC template requires a valid InstaWP api_key variable to be supplied at runtime; without it the exploit payload will not authenticate to the InstaWP API and the test will not produce a meaningful result.
- The vulnerability affects all plugin versions up to and including 0.1.0.38; version 0.1.0.39 or later contains the patch. Ensure version checks in detection rules account for this boundary.
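A log-side detector for the request/response signature and version boundary described in the list above, written here as an added example (it is not from any of the page's sources or from the plugin itself). The JSON-per-line record format and its field names are assumptions, and the sample records are constructed:

```python
import json

# Endpoint and patched version come from the page; field names below are assumed.
VULN_PATH = "/wp-json/instawp-connect/v1/config"
FIXED_VERSION = (0, 1, 0, 39)
# All three fields appear in a successful-connect response (HTTP 200).
SUCCESS_MARKERS = ('"status":true', '"connect_id":', '"message":"Connected"')

def is_vulnerable_version(version):
    """True for any plugin version below the fixed 0.1.0.39 (i.e. <= 0.1.0.38)."""
    return tuple(int(p) for p in version.split(".")) < FIXED_VERSION

def classify(rec):
    """Label one record: 'exploit-success', 'connect-success', 'attempt' or None."""
    if rec.get("method") != "POST":
        return None
    if rec.get("path", "").split("?")[0].rstrip("/") != VULN_PATH:
        return None
    unauthenticated = "authorization" not in {k.lower() for k in rec.get("headers", {})}
    # Strip spaces so '"status": true' and '"status":true' both match.
    body = rec.get("response_body", "").replace(" ", "")
    connected = rec.get("status") == 200 and all(m in body for m in SUCCESS_MARKERS)
    if connected:
        return "exploit-success" if unauthenticated else "connect-success"
    return "attempt" if unauthenticated else None

def scan(lines):
    """Parse JSON-per-line records and return (line_no, label) findings."""
    findings = []
    for n, line in enumerate(lines, 1):
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the scan
        label = classify(rec)
        if label:
            findings.append((n, label))
    return findings

# Constructed sample records (assumed fields: method, path, headers, status, response_body).
SAMPLE_LOG = [
    '{"method":"POST","path":"/wp-json/instawp-connect/v1/config","headers":{},"status":200,'
    '"response_body":"{\\"status\\":true,\\"connect_id\\":42,\\"message\\":\\"Connected\\"}"}',
    '{"method":"GET","path":"/wp-json/wp/v2/posts","headers":{},"status":200,"response_body":"[]"}',
    '{"method":"POST","path":"/wp-json/instawp-connect/v1/config/","headers":{},"status":403,'
    '"response_body":"{\\"status\\":false}"}',
    '{"method":"POST","path":"/wp-json/instawp-connect/v1/config","headers":{"Authorization":"Bearer x"},'
    '"status":200,"response_body":"{\\"status\\": true, \\"connect_id\\": 7, \\"message\\": \\"Connected\\"}"}',
]
```

An unauthenticated POST that does not yield the connect signature is still reported as an attempt, since a 403 from a patched site is the expected trace of a scanner probing for this CVE.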
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| vulncheck | | 9.8 | CRITICAL | |
| vendor_redhat | | 5.5 | MEDIUM | |
GHSA
GHSA-9qw6-wc53-f6x9 · ghsa_unreviewed · 2024-06-12 · CVE-2024-4898 [CRITICAL] · CWE-862
VulnCheck
InstaWP Connect - 1-click WP Staging & Migration plugin for WordPress REST API Vulnerability
vulncheck · 2024 · CVSS 9.8 · CVE-2024-4898 [CRITICAL]
Affected: InstaWP Connect - 1-click WP Staging & Migration plugin for WordPress
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://patchstack.com/database/vulnerability/instawp-connect/word
Red Hat (this entry carries CVE-2024-47690, a Linux kernel f2fs issue, not CVE-2024-4898)
CVE-2024-47690 [MEDIUM] CWE-366 kernel: f2fs: get rid of online repaire on corrupted directory
vendor_redhat · 2024-10-21 · CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
f2fs: get rid of online repaire on corrupted directory
syzbot reports a f2fs bug as below:
kernel BUG at fs/f2fs/inode.c:896!
RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896
Call Trace:
evict+0x532/0x950 fs/inode.c:704
dispose_list fs/inode.c:747 [inline]
evict_inodes+0x5f9/0x690 fs/inode.c:797
generic_shutdown_super+0x9d/0x2d0 fs/super.c:627
kill_block_super+0x44/0x90 fs/super.c:1696
kill_f2fs_super+0x344/0x690 fs/f2fs/super.c:4898
deactivate_locked_super+0xc4/0x130 fs/super.c:473
cleanup_mnt+0x41f/0x4b0 fs/namespace.c:1373
task_work_run+0x24f/0x310 kernel/task_work.c:228
ptrace_notify+0x2d2/0x380 kernel/signal.c:2402
ptrace_report_syscall includ
No detection rules found.
Nuclei
WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation
nuclei · CVSS 9.8 · CVE-2024-4898 [CRITICAL]
Template:

```yaml
id: CVE-2024-4898
info:
  name: WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation
  author: Sourabh-Sahu
  severity: critical
  description: |
    The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to a missing authorization checks on the REST API calls in all ve
```
No writeups or analysis indexed.
References:
- https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.1.0.38/includes/class-instawp-rest-api.php#L926
- https://www.wordfence.com/threat-intel/vulnerabilities/id/92a00fb4-7b50-43fd-ac04-5d6e29336e9c?source=cve