WordPress Infinite Scroll Vulnerability – Ajax Load More – Authenticated (Admin+) Directory Traversal to Arbitrary File Read – CVE-2024-1790 | WordPress Plugin Vulnerability Report
Plugin Name: WordPress Infinite Scroll – Ajax Load More
Key Information:
- Software Type: Plugin
- Software Slug: ajax-load-more
- Software Status: Active
- Software Author: connekthq
- Software Downloads: 1,877,054
- Active Installs: 50,000
- Last Updated: March 26, 2024
- Patched Versions: 7.1.0
- Affected Versions: <= 7.0.1
Vulnerability Details:
- Name: Ajax Load More <= 7.0.1 Authenticated (Admin+) Directory Traversal to Arbitrary File Read
- Type: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
- CVE: CVE-2024-1790
- CVSS Score: 4.9
- Publicly Published: March 26, 2024
- Researcher: Hoa Le Ngoc
- Description: The WordPress Infinite Scroll – Ajax Load More plugin, renowned for its seamless integration of infinite scroll functionality into WordPress sites, has been found vulnerable to a Path Traversal attack in versions up to and including 7.0.1. The vulnerability arises from improper handling of the 'type' parameter, allowing authenticated users with administrative rights to read arbitrary files on the server, potentially exposing sensitive information. This vulnerability predominantly affects Windows-based server instances.
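To make the root cause concrete, the following is an added illustration written for this report, not code from the Ajax Load More plugin or its author. It contrasts the unsafe pattern behind this class of bug (a request parameter spliced straight into a filesystem path) with a hardened version. The function names, the template directory layout and the allow-list are assumptions; the only detail taken from the report is that the controlling parameter is called 'type'.

```php
<?php
// Added illustration, not the plugin's own code. Assumptions: template files
// live under $baseDir and are selected by a request parameter named 'type'.

declare(strict_types=1);

// UNSAFE: 'type' is concatenated straight into the path, so '..' segments and
// (on Windows) backslashes let the caller walk outside the template directory.
function loadTemplateUnsafe(string $baseDir, string $type): ?string
{
    $content = @file_get_contents($baseDir . '/' . $type . '.php');
    return $content === false ? null : $content;
}

// HARDENED: allow-list the name, reject anything that is not one plain path
// segment, then confirm the resolved path still lies inside $baseDir.
function loadTemplateSafe(string $baseDir, string $type): ?string
{
    // 1. Only known template names (assumed set) are accepted at all.
    $allowed = ['default', 'grid', 'masonry'];
    if (!in_array($type, $allowed, true)) {
        return null;
    }
    // 2. Defence in depth: a single segment of [A-Za-z0-9_-] can contain
    //    neither '/' nor '\', so the rule holds on Windows as well as POSIX.
    if (preg_match('/\A[A-Za-z0-9_-]+\z/', $type) !== 1) {
        return null;
    }
    // 3. Resolve symlinks and '..' on both sides and compare real paths.
    $root = realpath($baseDir);
    $file = realpath($baseDir . DIRECTORY_SEPARATOR . $type . '.php');
    if ($root === false || $file === false) {
        return null;
    }
    $rootPrefix = rtrim($root, '/\\') . DIRECTORY_SEPARATOR;
    if (strncmp($file, $rootPrefix, strlen($rootPrefix)) !== 0) {
        return null;
    }
    $content = file_get_contents($file);
    return $content === false ? null : $content;
}

// Demo on a throwaway directory: one legitimate template inside, one file outside.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'traversal-demo-' . bin2hex(random_bytes(4));
mkdir($dir . '/templates', 0700, true);
file_put_contents($dir . '/templates/grid.php', "<?php // grid template\n");
file_put_contents($dir . '/outside.php', "<?php // must not be reachable via 'type'\n");

$tpl = $dir . '/templates';
printf("unsafe, type=grid       -> %s\n", loadTemplateUnsafe($tpl, 'grid') !== null ? 'read' : 'blocked');
printf("unsafe, type=../outside -> %s\n", loadTemplateUnsafe($tpl, '../outside') !== null ? 'read' : 'blocked');
printf("safe,   type=grid       -> %s\n", loadTemplateSafe($tpl, 'grid') !== null ? 'read' : 'blocked');
printf("safe,   type=../outside -> %s\n", loadTemplateSafe($tpl, '../outside') !== null ? 'read' : 'blocked');
```

The allow-list alone is sufficient here; the character-class check and the realpath containment test are kept because each one survives a mistake in the other (an allow-list that later grows a wildcard, or a realpath call that fails on a not-yet-existing file). Checking both separators matters because PHP on Windows treats `\` as a path separator, which is why the report notes that Windows hosts were predominantly affected.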
Summary:
The Ajax Load More plugin for WordPress contains a security vulnerability in versions up to and including 7.0.1 that allows users with administrative privileges to read arbitrary files via directory traversal. This critical flaw could lead to the disclosure of sensitive server information. The issue is fixed in version 7.1.0.
Detailed Overview:
Discovered by researcher Hoa Le Ngoc, this vulnerability exposes sites to significant risk by enabling those with admin-level access to exploit the Path Traversal flaw through the misuse of the 'type' parameter. Particularly concerning for WordPress installations on Windows servers, this could lead to unauthorized access to sensitive files, undermining the security of the entire site. The moderate CVSS score of 4.9 reflects the specific conditions required to exploit this vulnerability but does not diminish its potential impact.
Advice for Users:
- Immediate Action: Users of the Ajax Load More plugin are urged to update to version 7.1.0 immediately to safeguard against this vulnerability.
- Check for Signs of Vulnerability: Administrators should audit their sites for unexpected file access or other indications of this exploit being used, especially if running WordPress on a Windows server.
- Alternate Plugins: While the patch addresses this specific vulnerability, users concerned about security may explore alternative infinite scroll plugins that meet their needs without known vulnerabilities.
- Stay Updated: Ensuring that all WordPress plugins, themes, and core installations are up to date is crucial for maintaining site security and functionality.
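For the "check for signs" step, the following is an added example, not part of the original report or the plugin: a small PHP CLI scanner that reads web-server access-log lines and flags requests whose 'type' parameter carries path-traversal markers, after decoding percent-encoding twice. The log lines are constructed, the combined log format and the `admin-ajax.php` path are assumptions (the report does not name the endpoint), and only the parameter name 'type' comes from the report.

```php
<?php
// Added detection example, not code from the report or the plugin.
// Assumptions: combined access-log format; parameter name 'type' (from the
// report); the sample lines below are constructed, not real traffic.

declare(strict_types=1);

// Returns the decoded 'type' parameter of a request line, or null if absent.
// parse_str() decodes once; rawurldecode() again catches double-encoded
// sequences such as %252e%252e%252f (-> %2e%2e%2f -> ../).
function extractTypeParam(string $requestLine): ?string
{
    // Request line shape: METHOD /path?query HTTP/x.y
    if (preg_match('#^\S+\s+(\S+)\s+HTTP/#', $requestLine, $m) !== 1) {
        return null;
    }
    $query = parse_url($m[1], PHP_URL_QUERY);
    if (!is_string($query)) {
        return null;
    }
    parse_str($query, $params);
    if (!isset($params['type']) || !is_string($params['type'])) {
        return null;
    }
    return rawurldecode($params['type']);
}

// True when the value tries to leave a single path segment: '..' or either separator.
function looksLikeTraversal(string $value): bool
{
    return strpos($value, '..') !== false
        || strpos($value, '/') !== false
        || strpos($value, '\\') !== false;
}

// Scans log lines; returns [lineNumber => decoded type value] for suspicious hits.
function findTraversalAttempts(array $logLines): array
{
    $hits = [];
    foreach ($logLines as $i => $line) {
        // The first quoted field in combined format is the request line.
        if (preg_match('/"([^"]*)"/', $line, $m) !== 1) {
            continue;
        }
        $type = extractTypeParam($m[1]);
        if ($type !== null && looksLikeTraversal($type)) {
            $hits[$i + 1] = $type;
        }
    }
    return $hits;
}

// Constructed sample lines (placeholder IPs, action name and file names).
$sample = [
    '203.0.113.7 - admin [26/Mar/2024:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=example_action&type=grid HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - admin [26/Mar/2024:10:01:09 +0000] "GET /wp-admin/admin-ajax.php?action=example_action&type=..%2F..%2Fsomefile HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '203.0.113.7 - admin [26/Mar/2024:10:01:15 +0000] "GET /wp-admin/admin-ajax.php?action=example_action&type=..%255C..%255Cotherfile HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [26/Mar/2024:10:02:00 +0000] "GET /?p=12 HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
];

foreach (findTraversalAttempts($sample) as $lineNo => $value) {
    printf("line %d: suspicious type=%s\n", $lineNo, $value);
}
```

Two caveats when using this against real logs: access logs record only the query string, so a 'type' value sent in a POST body will not appear and needs request-body or WAF logging instead; and because the flaw requires an administrator account, a hit is most useful when correlated with which admin session issued it, since it points either to a compromised or abused admin credential rather than to an anonymous probe.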
Conclusion:
The timely update provided by the developers of the WordPress Infinite Scroll – Ajax Load More plugin highlights the importance of ongoing vigilance and prompt action in the face of new vulnerabilities. By updating to version 7.1.0, users can protect their sites from potential exploitation through this Path Traversal vulnerability. As always, maintaining an up-to-date WordPress environment is key to securing your online presence against emerging threats.
References:
- Wordfence Vulnerability Report on Ajax Load More
- General Wordfence Vulnerability Database for Ajax Load More
Staying Secure
Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.
Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.
Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.