CVE-2024-12877

{"id": "CVE-2024-12877", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-01-11T08:15:26.127", "references": [{"url": "https://plugins.trac.wordpress.org/changeset/3212723/give/tags/3.19.3/src/Helpers/Utils.php", "tags": ["Patch"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2143edf-5423-4e79-8638-a5b98490d292?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.2 via deserialization of untrusted input from the donation form like 'firstName'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server that makes remote code execution possible. Please note this was only partially patched in 3.19.3, a fully sufficient patch was not released until 3.19.4. However, another CVE was assigned by another CNA for version 3.19.3 so we will leave this as affecting 3.19.2 and before. We have recommended the vendor use JSON encoding to prevent any further deserialization vulnerabilities from being present."}, {"lang": "es", "value": "El complemento GiveWP \u2013 Donation Plugin and Fundraising Platform para WordPress es vulnerable a la inyecci\u00f3n de objetos PHP en todas las versiones hasta la 3.19.2 incluida, a trav\u00e9s de la deserializaci\u00f3n de datos no confiables del formulario de donaci\u00f3n, como \"firstName\". Esto permite que atacantes no autenticados inyecten un objeto PHP. La presencia adicional de una cadena POP permite a los atacantes eliminar archivos arbitrarios en el servidor, lo que hace posible la ejecuci\u00f3n remota de c\u00f3digo. Tenga en cuenta que esto solo se solucion\u00f3 parcialmente en la versi\u00f3n 3.19.3; no se lanz\u00f3 un parche completamente suficiente hasta la versi\u00f3n 3.19.4. Sin embargo, otro CNA asign\u00f3 otra CVE para la versi\u00f3n 3.19.3, por lo que dejaremos que esto afecte a la versi\u00f3n 3.19.2 y anteriores. Hemos recomendado al proveedor que utilice codificaci\u00f3n JSON para evitar que se presenten m\u00e1s vulnerabilidades de deserializaci\u00f3n."}], "lastModified": "2025-02-25T15:53:19.030", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "FA789624-B2FF-479C-AB1F-9AC21DBA013F", "versionEndIncluding": "3.19.2"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}