Page Builder Gutenberg Blocks – CoBlocks Vulnerability – Authenticated (Contributor+) Server-Side Request Forgery – CVE-2024-4260 | WordPress Plugin Vulnerability Report
Plugin Name: Page Builder Gutenberg Blocks – CoBlocks
Key Information:
- Software Type: Plugin
- Software Slug: coblocks
- Software Status: Active
- Software Author: godaddy
- Software Downloads: 22,484,801
- Active Installs: 400,000
- Last Updated: August 6, 2024
- Patched Versions: 3.1.12
- Affected Versions: <= 3.1.11
Vulnerability Details:
- Name: Page Builder Gutenberg Blocks – CoBlocks <= 3.1.11
- Type: Authenticated (Contributor+) Server-Side Request Forgery
- CVE: CVE-2024-4260
- CVSS Score: 4.3
- Publicly Published: July 2, 2024
- Researcher: Dmitrii Ignatyev - CleanTalk Inc
- Description: The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Server-Side Request Forgery (SSRF) in all versions up to, and including, 3.1.11. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application. These requests can be used to query and modify information from internal services.
Summary:
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress has a vulnerability in versions up to and including 3.1.11 that allows authenticated (Contributor+) server-side request forgery. This vulnerability has been patched in version 3.1.12.
Detailed Overview:
The Page Builder Gutenberg Blocks – CoBlocks plugin is a popular tool for enhancing WordPress sites with custom blocks for the Gutenberg editor. However, a critical vulnerability was discovered in the plugin, identified as CVE-2024-4260. Discovered by Dmitrii Ignatyev from CleanTalk Inc, this vulnerability allows authenticated users with Contributor-level access and above to exploit Server-Side Request Forgery (SSRF). This flaw enables attackers to make web requests to arbitrary locations from the web application, potentially querying and modifying information from internal services.
This vulnerability, which has a CVSS score of 4.3, was publicly disclosed on July 2, 2024. It affects all versions of the CoBlocks plugin up to and including 3.1.11. The developers at GoDaddy responded promptly to this issue, releasing a patched version, 3.1.12, on August 6, 2024.
Advice for Users:
Immediate Action: Users are strongly encouraged to update to version 3.1.12 immediately to mitigate the risk of SSRF exploitation.
Check for Signs of Vulnerability: Users should check their sites for signs of unexpected outbound web requests or other unusual activity, especially activity originating from Contributor-level accounts.
Alternate Plugins: While a patch is available, users might consider exploring alternative plugins that offer similar functionality as a precaution.
Stay Updated: Regularly updating all plugins to their latest versions is crucial to prevent vulnerabilities and protect sensitive data.
Conclusion:
The prompt response from the CoBlocks development team to patch this vulnerability underscores the importance of timely updates. Users are advised to ensure that they are running version 3.1.12 or later to secure their WordPress installations. For small business owners, staying on top of security vulnerabilities might seem daunting, but it is essential for protecting your online presence. Regular maintenance, including updates and vulnerability checks, is crucial in safeguarding your site against potential threats. If you need assistance or have concerns about your website's security, don’t hesitate to seek professional help. Staying informed and proactive is key to maintaining a secure and trustworthy website.
Detailed Report:
Maintaining the security of your website is crucial, especially in today’s digital landscape where vulnerabilities can significantly impact your business. One of the most effective ways to protect your site from potential threats is to ensure all your plugins and software are up to date. Recently, a critical security vulnerability was discovered in the Page Builder Gutenberg Blocks – CoBlocks plugin, a popular tool used to enhance WordPress sites with custom blocks for the Gutenberg editor. This vulnerability, identified as CVE-2024-4260, exposes your site to the risk of Server-Side Request Forgery (SSRF), allowing authenticated attackers with Contributor-level access to make web requests to arbitrary locations from the web application. This can potentially lead to unauthorized querying and modification of information from internal services.
Risks and Potential Impacts:
The vulnerability affects all versions of the CoBlocks plugin up to and including 3.1.11. Authenticated attackers with Contributor-level access can exploit this flaw to make web requests to arbitrary locations from the web application. This could lead to unauthorized querying and modification of information from internal services, posing a significant risk to the security and integrity of your site.
Remediation:
The developers at GoDaddy have promptly addressed the issue by releasing a patched version, 3.1.12, on August 6, 2024. To protect your site, it is imperative to update to the latest version of CoBlocks immediately to mitigate the risk. Additionally, inspect your site for any signs of unauthorized web requests or unusual activity, especially from Contributor-level accounts. While a patch is available, exploring alternative plugins that offer similar functionality can also be a prudent precaution. Regularly updating all plugins to their latest versions is critical in preventing vulnerabilities and protecting sensitive data.
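One way to carry out the version check that the advice and remediation above call for, as an added example that is not part of this report or of the CoBlocks project: it parses the JSON that `wp plugin list --format=json` prints (a constructed sample is embedded so it runs offline) and flags any coblocks install below the patched 3.1.12 release, comparing version numbers numerically rather than as strings.

```python
import json

# Advisory data taken from this report (CVE-2024-4260).
AFFECTED_SLUG = "coblocks"
PATCHED_VERSION = "3.1.12"

# Constructed sample of `wp plugin list --format=json` output; not real site data.
SAMPLE_WP_CLI_OUTPUT = json.dumps([
    {"name": "coblocks", "status": "active", "update": "available", "version": "3.1.11"},
    {"name": "akismet", "status": "inactive", "update": "none", "version": "5.3"},
])


def parse_version(text):
    """Turn '3.1.11' into (3, 1, 11) so comparisons are numeric, not lexical
    (as strings, '3.1.9' would sort after '3.1.12'). A non-numeric suffix such
    as '-beta1' is dropped after the numeric prefix of that component."""
    parts = []
    for piece in text.strip().split("."):
        digits = ""
        for ch in piece:
            if ch.isdigit():
                digits += ch
            else:
                break
        if not digits:
            break
        parts.append(int(digits))
    return tuple(parts)


def is_vulnerable(version):
    """True when the installed CoBlocks version is older than the patched release."""
    return parse_version(version) < parse_version(PATCHED_VERSION)


def audit_plugins(wp_cli_json):
    """Return a finding for every installed plugin matching the affected slug.
    Inactive copies are reported too: the code is still on disk and can be re-enabled."""
    findings = []
    for plugin in json.loads(wp_cli_json):
        if plugin.get("name") != AFFECTED_SLUG:
            continue
        version = plugin.get("version", "")
        vulnerable = is_vulnerable(version)
        findings.append({
            "slug": plugin["name"],
            "version": version,
            "status": plugin.get("status"),
            "vulnerable": vulnerable,
            "action": "update to %s or later" % PATCHED_VERSION if vulnerable else "none",
        })
    return findings


if __name__ == "__main__":
    for finding in audit_plugins(SAMPLE_WP_CLI_OUTPUT):
        print(finding)
```

On a live site, pipe the real command output in place of the sample, for example `wp plugin list --format=json` run from the WordPress root.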
Overview of Previous Vulnerabilities:
Since March 12, 2024, there have been three previous vulnerabilities reported in the CoBlocks plugin. This history underscores the importance of regular updates and proactive security measures to protect your website from emerging threats.
Staying Secure
Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.
Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.
Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.