10.0
CRITICAL
CVE-2024-6500
InPost for WooCommerce/PL PHP File Inclusion/Deletion Vulnerability
Description

The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL). This makes it possible for unauthenticated attackers to read and delete arbitrary files on Windows servers. On Linux servers, only files within the WordPress install will be deleted, but all files can be read.

INFO

Published Date :

Aug. 17, 2024, 3:15 a.m.

Last Modified :

Aug. 19, 2024, 1 p.m.

Remotely Exploitable :

Yes !

Impact Score :

5.8

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2024-6500 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-6500 vulnerability anywhere in the article.

  • Cybersecurity News
PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability CVE-2024-38080

Security researcher Pwndorei published a detailed analysis alongside a proof-of-concept (PoC) exploit code for a patched zero-day vulnerability in Windows Hyper-V, tracked as CVE-2024-38080. This crit ... Read more

Published Date: Sep 17, 2024 (2 months, 3 weeks ago)
  • Cybersecurity News
Fileless Remcos RAT Campaign Leverages CVE-2017-0199 Flaw

Excel document containing pixelated screenshot | Image: TrellixIn a newly uncovered advanced malware campaign, threat actors are using a complex, fileless approach to deliver the Remcos Remote Access ... Read more

Published Date: Sep 13, 2024 (3 months ago)
  • Cybersecurity News
Fortinet Faces Potential Data Breach, Customer Data at Risk

In a concerning development for cybersecurity giant Fortinet, a potential data breach has come to light, raising alarms about the security of sensitive customer information. The incident reportedly af ... Read more

Published Date: Sep 12, 2024 (3 months ago)
  • Cybersecurity News
WhatsUp Gold Under Attack: New RCE Vulnerabilities Exploited

Timeline how the WhatsUp Gold Active Monitor PowerShell Script was abused | Image: Trend MicroTrend Micro researchers have uncovered a series of remote code execution (RCE) attacks targeting WhatsUp G ... Read more

Published Date: Sep 12, 2024 (3 months ago)
  • Cybersecurity News
Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401 to Launch Malware Campaigns

Cybersecurity researchers at FortiGuard Labs have observed multiple campaigns targeting a critical vulnerability in GeoServer, an open-source geospatial data server. Identified as CVE-2024-36401, this ... Read more

Published Date: Sep 07, 2024 (3 months, 1 week ago)
  • Cybersecurity News
New Snake Keylogger Variant Slithers Into Phishing Campaigns

Fortinet’s FortiGuard Labs has unearthed a new variant of the notorious Snake Keylogger, delivered through a malicious Excel document in a phishing campaign. This keylogger, also known as “404 Keylogg ... Read more

Published Date: Aug 30, 2024 (3 months, 2 weeks ago)
  • Cybersecurity News
Fake Palo Alto Tool Delivers Sophisticated Malware in Middle East Cyberattack

Infection chain of an attack | Image: TrendMicroTrend Micro researchers have identified a sophisticated malware campaign specifically targeting organizations in the Middle East. This campaign leverage ... Read more

Published Date: Aug 29, 2024 (3 months, 2 weeks ago)
  • Cybersecurity News
Cryptojacking Campaign Exploits Atlassian Confluence CVE-2023-22527 Vulnerability

Attack chain used in the second attack vectorTrend Micro researchers have uncovered a widespread cryptojacking campaign leveraging a critical vulnerability (CVE-2023-22527) in the Atlassian Confluence ... Read more

Published Date: Aug 28, 2024 (3 months, 2 weeks ago)
  • Cybersecurity News
Centreon Issues Critical Security Update: SQL Injection Vulnerabilities Threaten IT Monitoring

Centreon, a widely-used open-source monitoring solution, has issued a critical security bulletin addressing multiple SQL injection vulnerabilities in its Centreon Web interface. These vulnerabilities, ... Read more

Published Date: Aug 27, 2024 (3 months, 2 weeks ago)
  • Cybersecurity News
CVE-2024-28000 (CVSS 9.8): Active Exploitation of Litespeed Cache Vulnerability, 5 Million WordPress Sites at Risk of Complete Takeover

A critical security vulnerability (CVE-2024-28000, CVSS 9.8) in the widely-used Litespeed Cache plugin for WordPress has been disclosed, leaving over 5 million websites at risk of complete takeover. T ... Read more

Published Date: Aug 21, 2024 (3 months, 3 weeks ago)
  • The Hacker News
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

WordPress / Cybersecurity A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution a ... Read more

Published Date: Aug 21, 2024 (3 months, 3 weeks ago)
  • Cybersecurity News
10,000+ WordPress Sites at Risk: Critical File Deletion Flaw Found in InPost Plugins

A critical vulnerability, tracked as CVE-2024-6500 (CVSS 10), has been uncovered in two popular WordPress plugins, InPost PL and InPost for WooCommerce, leaving over 10,000 websites susceptible to com ... Read more

Published Date: Aug 18, 2024 (3 months, 3 weeks ago)

The following table lists the changes that have been made to the CVE-2024-6500 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Received by [email protected]

    Aug. 17, 2024

    Action Type Old Value New Value
    Added Description The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL). This makes it possible for unauthenticated attackers to read and delete arbitrary files on Windows servers. On Linux servers, only files within the WordPress install will be deleted, but all files can be read.
    Added Reference Wordfence https://www.wordfence.com/threat-intel/vulnerabilities/id/7b57e750-71ec-4c52-999b-6c14a78c3bff?source=cve [No types assigned]
    Added Reference Wordfence https://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L140 [No types assigned]
    Added Reference Wordfence https://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L216 [No types assigned]
    Added Reference Wordfence https://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L267 [No types assigned]
    Added Reference Wordfence https://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L75 [No types assigned]
    Added Reference Wordfence https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3115602%40inpost-for-woocommerce%2Ftrunk&old=3110579%40inpost-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail= [No types assigned]
    Added Reference Wordfence https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3125034%40woo-inpost%2Ftrunk&old=2886304%40woo-inpost%2Ftrunk&sfp_email=&sfph_mail= [No types assigned]
    Added CWE Wordfence CWE-862
    Added CVSS V3.1 Wordfence AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-6500 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-6500 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability