Two major vulnerabilities have been discovered in a popular WordPress plugin used for spam protection, exposing over 200,000 websites to potential attacks. The plugin, widely promoted as a comprehensive anti-spam solution, is at risk of exploitation by attackers who could install and enable malicious plugins, potentially leading to remote code execution.
These vulnerabilities, identified as CVE-2024-10542 and CVE-2024-10781, received a critical CVSS score of 9.8. They were addressed in the plugin’s latest updates, versions 6.44 and 6.45. Researchers highlighted that these issues stem from an authorization bypass flaw, allowing hackers to manipulate plugins without proper authentication.
For example, CVE-2024-10781 results from a missing validation check on the “api_key” value within the “perform” function. Meanwhile, CVE-2024-10542 involves reverse DNS spoofing, enabling unauthorized access to sensitive functions. Together, these weaknesses give attackers the ability to install, activate, deactivate, or even uninstall plugins remotely.
This alarming discovery has prompted warnings to plugin users to immediately update to the latest versions to protect their sites from possible exploitation. Failure to update leaves websites vulnerable to malicious activities, including the injection of harmful code, the theft of admin credentials, and the redirection of users to fraudulent websites.
The findings coincide with recent reports of widespread attacks targeting compromised WordPress sites. These attacks involve tactics like injecting malicious ads, stealing login credentials, and deploying malware to execute harmful PHP scripts. Such incidents emphasize the ongoing threat to website security posed by vulnerabilities in widely used plugins.
To mitigate these risks, WordPress users must act promptly. Update the plugin to the latest patched version to block potential exploits. Regularly check for updates on all installed plugins and themes to stay ahead of security vulnerabilities.
Use reliable security tools to monitor for suspicious activity and block unauthorized access. Additionally, consider employing strong authentication methods like two-factor authentication to enhance your site’s security.