A serious authentication bypass vulnerability has been found in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress.
If exploited, this vulnerability could allow an attacker to remotely obtain full administrative access to an affected site.
The vulnerability tracked as CVE-2024-10924 (CVSS score: 9.8) affects both the free and premium versions of the plugin, which is installed on over 4 million WordPress sites.
Root cause of the vulnerability
According to Wordfence, the authentication bypass, present in versions 9.0.0 through 9.1.1.1, stems from improper error handling of the user check in a function called “check_login_and_get_user.” When two-factor authentication is enabled, the flaw allows unauthenticated attackers to log in as arbitrary users, including administrators.
Successful exploitation could have serious consequences, as it would permit malicious actors to hijack WordPress sites and use them for further criminal activity.
According to István Márton, a Wordfence security researcher, the vulnerability is scriptable, meaning it can be turned into a large-scale automated attack targeting WordPress websites.
Incident response
Following responsible disclosure on November 6, 2024, the shortcoming was patched in version 9.1.2, released a week later. The risk of abuse prompted the plugin maintainers to work with WordPress to force-update all sites running the plugin prior to public disclosure.
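As an added example, not code from the article, from Wordfence or from the plugin, the following Python checker reads a WordPress plugin header (plugins declare their release in a `Version:` line of a PHP comment block) and flags installs in the affected range 9.0.0 through 9.1.1.1, treating 9.1.2 and later as patched. The plugin directory name and the sample header below are assumptions constructed for the example.

```python
import re
from pathlib import Path
from typing import Optional, Tuple

# Affected range and fixed release as reported for CVE-2024-10924.
AFFECTED_MIN = (9, 0, 0)
AFFECTED_MAX = (9, 1, 1, 1)
FIXED = (9, 1, 2)

# Matches " * Version: 9.1.1.1" inside a WordPress plugin header comment.
VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*([0-9][0-9.]*)", re.MULTILINE | re.IGNORECASE)

# Constructed sample header (assumption, not the real plugin file).
SAMPLE_HEADER = "/**\n * Plugin Name: Really Simple Security\n * Version: 9.1.1.1\n */\n"

def parse_version(text: str) -> Tuple[int, ...]:
    """Turn a dotted version such as '9.1.1.1' into a comparable integer tuple."""
    return tuple(int(p) for p in text.strip().strip(".").split("."))

def _pad(v: Tuple[int, ...], n: int) -> Tuple[int, ...]:
    """Right-pad with zeros so '9.1.2' compares correctly against '9.1.1.1'."""
    return v + (0,) * (n - len(v))

def is_vulnerable(version: str) -> bool:
    """True when the version lies in 9.0.0 .. 9.1.1.1 inclusive."""
    v = parse_version(version)
    n = max(len(v), len(AFFECTED_MIN), len(AFFECTED_MAX))
    return _pad(AFFECTED_MIN, n) <= _pad(v, n) <= _pad(AFFECTED_MAX, n)

def version_from_header(php_source: str) -> Optional[str]:
    """Extract the declared Version: value from a plugin's main PHP file."""
    m = VERSION_RE.search(php_source)
    return m.group(1) if m else None

def audit_source(php_source: str) -> Optional[Tuple[str, bool]]:
    """Return (version, vulnerable) for one plugin file, or None if no header found."""
    ver = version_from_header(php_source)
    return (ver, is_vulnerable(ver)) if ver else None

def audit_plugin_dir(plugin_dir: Path) -> Optional[Tuple[str, bool]]:
    """Scan a plugin directory (assumed wp-content/plugins/really-simple-ssl) for its header."""
    for php in sorted(plugin_dir.glob("*.php")):
        result = audit_source(php.read_text(errors="replace"))
        if result:
            return result
    return None

if __name__ == "__main__":
    print(audit_source(SAMPLE_HEADER))  # ('9.1.1.1', True)
```

A version check only confirms exposure; sites that were force-updated should still show 9.1.2 or later, and any install that does not should be updated before anything else.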
Source: The Hacker News