CVE-2024-6164 (GCVE-0-2024-6164)
Vulnerability from cvelistv5 – Published: 2024-07-18 06:00 – Updated: 2024-08-01 21:33
VLAI
Title
Filter & Grids < 2.8.33 - Unauthenticated LFI
Summary
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/40bd880e-67a1-41… | exploitvdb-entrytechnical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Filter & Grids |
Affected:
0 , < 2.8.33
(semver)
|
|
| ymc-22 | filter_\&_grids |
Affected:
0 , < 2.8.33
(semver)
cpe:2.3:a:ymc-22:filter_\&_grids:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ymc-22:filter_\\\u0026_grids:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "filter_\\\u0026_grids",
"vendor": "ymc-22",
"versions": [
{
"lessThan": "2.8.33",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6164",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-30T17:06:49.485162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-30T17:13:18.492Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:33:04.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Filter \u0026 Grids",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.8.33",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Project Black"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Filter \u0026 Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T06:00:04.048Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Filter \u0026 Grids \u003c 2.8.33 - Unauthenticated LFI",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-6164",
"datePublished": "2024-07-18T06:00:04.048Z",
"dateReserved": "2024-06-19T14:33:57.257Z",
"dateUpdated": "2024-08-01T21:33:04.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-6164",
"date": "2026-06-06",
"epss": "0.05301",
"percentile": "0.90209"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ymc-22:filter_\\\\\u0026_grids:*:*:*:*:*:wordpress:*:*\", \"versionEndExcluding\": \"2.8.33\", \"matchCriteriaId\": \"74F46F69-F76B-41DA-8365-5C4259662DBA\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The Filter \u0026 Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.\"}, {\"lang\": \"es\", \"value\": \"El complemento Filter \u0026amp; Grids de WordPress anterior a 2.8.33 es vulnerable a la inclusi\\u00f3n de archivos locales a trav\\u00e9s del par\\u00e1metro post_layout. Esto hace posible que un atacante no autenticado incluya y ejecute archivos PHP en el servidor, permitiendo la ejecuci\\u00f3n de cualquier c\\u00f3digo PHP en esos archivos.\"}]",
"id": "CVE-2024-6164",
"lastModified": "2024-11-21T09:49:05.930",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
"published": "2024-07-18T06:15:02.233",
"references": "[{\"url\": \"https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-6164\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2024-07-18T06:15:02.233\",\"lastModified\":\"2024-11-21T09:49:05.930\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Filter \u0026 Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.\"},{\"lang\":\"es\",\"value\":\"El complemento Filter \u0026amp; Grids de WordPress anterior a 2.8.33 es vulnerable a la inclusi\u00f3n de archivos locales a trav\u00e9s del par\u00e1metro post_layout. Esto hace posible que un atacante no autenticado incluya y ejecute archivos PHP en el servidor, permitiendo la ejecuci\u00f3n de cualquier c\u00f3digo PHP en esos archivos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ymc-22:filter_\\\\\u0026_grids:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"2.8.33\",\"matchCriteriaId\":\"74F46F69-F76B-41DA-8365-5C4259662DBA\"}]}]}],\"references\":[{\"url\":\"https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/\", \"tags\": [\"exploit\", \"vdb-entry\", \"technical-description\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T21:33:04.599Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6164\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-30T17:06:49.485162Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ymc-22:filter_\\\\\u0026_grids:*:*:*:*:*:*:*:*\"], \"vendor\": \"ymc-22\", \"product\": \"filter_\\\\\u0026_grids\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.8.33\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-30T17:12:31.340Z\"}}], \"cna\": {\"title\": \"Filter \u0026 Grids \u003c 2.8.33 - Unauthenticated LFI\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Project Black\"}, {\"lang\": \"en\", \"type\": \"coordinator\", \"value\": \"WPScan\"}], \"affected\": [{\"vendor\": \"Unknown\", \"product\": \"Filter \u0026 Grids\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.8.33\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/\", \"tags\": [\"exploit\", \"vdb-entry\", \"technical-description\"]}], \"x_generator\": {\"engine\": \"WPScan CVE Generator\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Filter \u0026 Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81\", \"shortName\": \"WPScan\", \"dateUpdated\": \"2024-07-18T06:00:04.048Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-6164\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T21:33:04.599Z\", \"dateReserved\": \"2024-06-19T14:33:57.257Z\", \"assignerOrgId\": \"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81\", \"datePublished\": \"2024-07-18T06:00:04.048Z\", \"assignerShortName\": \"WPScan\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…