Closed OccamsXor closed 4 months ago
Hi there,
I would like to start implementing a plugin to detect WordPress Bricks Builder Plugin Unauthenticated RCE (CVE-2024-25600).
https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6 https://www.imperva.com/blog/imperva-successfully-defends-against-cve-2024-25600-in-wordpress-bricks-builder/
Description: Bricks <= 1.9.6 is vulnerable to unauthenticated remote code execution (RCE) which means that anybody can run arbitrary commands and take over the site/server
Versions: Wordpress Bricks Builder Plugin <= 1.9.6
Active installs: Commercial ~ 25000
I will send the PR if it is valid for the scope. Thank you.
I'm closing this issue because the license of Bricks Builder Plugin does not allow creating docker containers from created websites.
Hi there,
I would like to start implementing a plugin to detect WordPress Bricks Builder Plugin Unauthenticated RCE (CVE-2024-25600).
https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6 https://www.imperva.com/blog/imperva-successfully-defends-against-cve-2024-25600-in-wordpress-bricks-builder/
Description: Bricks <= 1.9.6 is vulnerable to unauthenticated remote code execution (RCE) which means that anybody can run arbitrary commands and take over the site/server
Versions: Wordpress Bricks Builder Plugin <= 1.9.6
Active installs: Commercial ~ 25000
I will send the PR if it is valid for the scope. Thank you.