Brizy Vulnerability– Page Builder – Authenticated (Contributor+) Arbitrary File Upload – CVE-2024-1311| WordPress Plugin Vulnerability Report
Plugin Name: Brizy – Page Builder
Key Information:
- Software Type: Plugin
- Software Slug: brizy
- Software Status: Active
- Software Author: themefusecom
- Software Downloads: 4,542,478
- Active Installs: 80,000
- Last Updated: February 27, 2024
- Patched Versions: 2.4.41
- Affected Versions: 2.4.40 - 2.4.40
Vulnerability Details:
- Name: Brizy – Page Builder <= 2.4.40
- Title: Authenticated (Contributor+) Arbitrary File Upload
- Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CVE: CVE-2024-1311
- CVSS Score: 8.8
- Publicly Published: February 23, 2024
- Researcher: stealthcopter
- Description: The Brizy – Page Builder plugin for WordPress contains a critical security flaw in versions up to 2.4.40, allowing authenticated users with contributor-level permissions or higher to upload arbitrary files to the server. This vulnerability arises from inadequate file type validation within the
storeImages
function, posing a significant risk of remote code execution on the affected site.
Summary
The Brizy – Page Builder plugin, an essential tool for WordPress users to craft and design pages, has been found to harbor a severe security vulnerability in its file upload mechanism. This flaw, identified in versions up to and including 2.4.40, could potentially allow attackers to execute malicious code on the host server. A prompt update to version 2.4.41 has been released to address this critical issue.
Detailed Overview
This vulnerability was discovered by the researcher stealthcopter, highlighting a significant oversight in the plugin's file upload validation process. The absence of stringent file type checks in the storeImages
function opens the door for attackers to upload harmful files, including scripts that could be executed on the server, leading to unauthorized access and control. The vulnerability's high CVSS score of 8.8 underscores the potential for substantial impact, including data breaches and site compromise.
Advice for Users:
- Immediate Action: It is imperative for users of the Brizy – Page Builder plugin to immediately update to the patched version 2.4.41 to eliminate the vulnerability and secure their WordPress installations.
- Check for Signs of Vulnerability: Administrators should review their site for any unauthorized file uploads, particularly in the directories used by Brizy – Page Builder, and scan for potential malicious activity.
- Alternate Plugins: While the patched version resolves this specific vulnerability, users may consider evaluating other page builder plugins that meet their needs and maintain strong security practices.
- Stay Updated: The cornerstone of maintaining a secure WordPress site is the regular update of all plugins, themes, and the core system. Users should enable automatic updates where possible and stay informed about new releases and security patches.
Conclusion
The rapid response by the developers of Brizy – Page Builder to mitigate CVE-2024-1311 reflects the critical importance of timely software updates in the face of emerging vulnerabilities. For WordPress site owners, especially those managing business platforms, this incident serves as a crucial reminder of the ongoing need for vigilance in cybersecurity practices. Regular updates, combined with a proactive security stance, are essential in protecting digital assets and maintaining the trust of site users.