Critical Flaws Discovered in Jupiter X Core WordPress Plugin Affecting Over 90,000 Sites
Security researchers have uncovered two critical vulnerabilities in the Jupiter X Core WordPress plugin, impacting over 90,000 websites. The flaws could allow unauthenticated attackers to take complete control of a website or hijack user accounts, including administrator accounts.
- CVE-2024-7772: A Gateway to Remote Code Execution
The first vulnerability, tracked as CVE-2024-7772, is an arbitrary file upload flaw with a CVSS score of 9.8 (critical). It stems from insufficient file type validation in the plugin's upload handling: an unauthenticated attacker can upload arbitrary files, for example a PHP web shell, to the server, which leads to remote code execution and complete takeover of the vulnerable website.
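The page does not reproduce the plugin's code, so the following is an added illustration of the bug class, not Jupiter X Core's code: a plugin upload handler that trusts the client-declared MIME type, beside a hardened version built on WordPress's own validation helpers. Everything outside the WordPress API (the function names, the `$mimes` allow-list and its contents) is illustrative.

```php
<?php
// Added illustration of an arbitrary-file-upload bug class in a WordPress
// plugin; NOT code from Jupiter X Core. Function names and the allow-list
// are illustrative; only the wp_* / current_user_can() calls are WordPress API.

// WEAK: $_FILES[...]['type'] is taken from the request and is fully
// attacker-controlled, so declaring "image/png" on a PHP web shell passes.
// The file also keeps its original name, so whatever extension the attacker
// chose (.php, .phtml, .phar, ...) lands in a web-served directory. If this
// is reachable through a nopriv AJAX action, the attack is unauthenticated.
function weak_upload_handler(array $file, string $upload_dir): ?string {
    $allowed = ['image/jpeg', 'image/png', 'image/gif'];
    if (!in_array($file['type'], $allowed, true)) {
        return null;
    }
    $target = rtrim($upload_dir, '/') . '/' . basename($file['name']);
    return move_uploaded_file($file['tmp_name'], $target) ? $target : null;
}

// HARDENED: require an authenticated, authorised caller; verify the
// extension against the file's real content with an explicit allow-list;
// let wp_handle_upload() place the file under a server-chosen name.
function hardened_upload_handler(array $file): ?string {
    // Never let a public (nopriv) action reach this point. A nonce check
    // (check_ajax_referer) belongs here too for a form-driven upload.
    if (!is_user_logged_in() || !current_user_can('upload_files')) {
        return null;
    }
    // Explicit extension => MIME allow-list: nothing executable, no SVG.
    $mimes = [
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'gif'      => 'image/gif',
    ];

    // Compares the extension with the content-derived MIME type and returns
    // empty ext/type when they disagree or the type is not in $mimes.
    $check = wp_check_filetype_and_ext($file['tmp_name'], $file['name'], $mimes);
    if (empty($check['ext']) || empty($check['type'])) {
        return null;
    }
    if (!empty($check['proper_filename'])) {
        $file['name'] = $check['proper_filename'];
    }

    $result = wp_handle_upload($file, [
        'test_form' => false,
        'mimes'     => $mimes,
        // Discard the user-supplied name entirely; $ext arrives with its dot.
        'unique_filename_callback' => function ($dir, $name, $ext) {
            return wp_generate_password(24, false, false) . $ext;
        },
    ]);
    return isset($result['error']) ? null : $result['file'];
}
```

The three things that matter in the hardened version are the capability check (an upload endpoint that is reachable without authentication is the precondition for an unauthenticated RCE), validation of the actual file content against a short allow-list rather than the declared type, and a server-generated filename so the attacker never controls the extension that the web server will dispatch on.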
- CVE-2024-7781: Bypassing Authentication and Taking Over Accounts
The second vulnerability, identified as CVE-2024-7781, is a limited authentication bypass that can lead to account takeover. It stems from improper identity verification in the Social Login widget: an unauthenticated attacker can log in as the first user who ever authenticated through a social media account, and the widget still honours the request even when the Social Login feature has been disabled in the plugin settings.
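Again the page does not show the vulnerable code, so here is an added illustration of the bug class, not Jupiter X Core's code: a social-login callback that logs in whichever user matches an identifier the browser sent, beside a hardened one that refuses when the feature is off and trusts only what the identity provider confirms server-side. The meta key, option names, provider URLs, `$_POST` field names and function names are illustrative assumptions; only the `wp_*`, `get_option()`, `get_users()` and transient calls are WordPress API.

```php
<?php
// Added illustration of a social-login authentication-bypass bug class;
// NOT code from Jupiter X Core. Meta keys, option names, provider endpoints
// and request field names are illustrative assumptions.

// WEAK: nothing here proves the caller controls the social account. Any
// visitor who knows or guesses a linked identifier is logged in as that
// user, and the handler never checks whether the site enabled the feature.
function weak_social_login(): void {
    $provider_uid = sanitize_text_field($_POST['provider_uid'] ?? '');
    $users = get_users([
        'meta_key'   => 'social_login_uid',   // illustrative usermeta key
        'meta_value' => $provider_uid,
        'number'     => 1,
    ]);
    if (!empty($users)) {
        wp_set_auth_cookie($users[0]->ID);
    }
}

// HARDENED: gate on the feature flag, bind the callback to a state value this
// server issued, redeem the authorisation code with the provider over a
// server-to-server request, and pick the account from the provider's verified
// subject identifier only. Nothing identity-bearing is read from the client.
function hardened_social_login(): void {
    if (!get_option('social_login_enabled', false)) {       // illustrative option
        wp_die('Social login is disabled.', '', ['response' => 403]);
    }
    $code  = sanitize_text_field($_POST['code'] ?? '');
    $state = sanitize_text_field($_POST['state'] ?? '');
    // The state must be one we stored when starting the flow (CSRF binding).
    if ($code === '' || $state === '' || get_transient('social_state_' . $state) === false) {
        wp_die('Invalid login request.', '', ['response' => 403]);
    }
    delete_transient('social_state_' . $state);              // single use

    // Redeem the code directly with the provider (illustrative endpoint).
    $resp = wp_remote_post('https://provider.example/oauth/token', [
        'timeout' => 10,
        'body'    => [
            'grant_type'    => 'authorization_code',
            'code'          => $code,
            'client_id'     => get_option('social_client_id'),
            'client_secret' => get_option('social_client_secret'),
            'redirect_uri'  => home_url('/social-callback/'),
        ],
    ]);
    if (is_wp_error($resp) || wp_remote_retrieve_response_code($resp) !== 200) {
        wp_die('Provider rejected the login.', '', ['response' => 401]);
    }
    $token = json_decode(wp_remote_retrieve_body($resp), true);

    // Ask the provider whom the token belongs to (illustrative endpoint).
    $info = wp_remote_get('https://provider.example/oauth/userinfo', [
        'timeout' => 10,
        'headers' => ['Authorization' => 'Bearer ' . ($token['access_token'] ?? '')],
    ]);
    if (is_wp_error($info) || wp_remote_retrieve_response_code($info) !== 200) {
        wp_die('Could not verify identity.', '', ['response' => 401]);
    }
    $profile = json_decode(wp_remote_retrieve_body($info), true);
    $sub = (string) ($profile['sub'] ?? '');
    if ($sub === '') {
        wp_die('Could not verify identity.', '', ['response' => 401]);
    }

    // Exact match on the verified subject; refuse ambiguity rather than
    // silently taking the first row that happens to match.
    $users = get_users([
        'meta_key'   => 'social_login_uid',
        'meta_value' => $sub,
        'number'     => 2,
    ]);
    if (count($users) !== 1) {
        wp_die('No unique account is linked to this identity.', '', ['response' => 403]);
    }
    wp_set_auth_cookie($users[0]->ID, false, is_ssl());
    wp_safe_redirect(admin_url());
    exit;
}
```

The property to check in any social-login integration is that the server, not the browser, establishes which account the caller owns: the provider's response to a server-side token exchange is the only acceptable source of the identifier, the feature toggle must be enforced on the callback and not just hidden in the UI, and a lookup that can return several rows must fail closed instead of picking the first one.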
Both vulnerabilities were discovered and responsibly disclosed by Geo Void through the Wordfence Bug Bounty Program, earning a combined bounty of $3,835.00. The researcher has also published technical details for both flaws [1, 2].
All users of the Jupiter X Core plugin are strongly urged to update to version 4.7.8, which patches both flaws, or later; every earlier version is affected. Site owners can confirm the installed version from the WordPress Plugins page or with WP-CLI (`wp plugin list`). Leaving an unpatched copy in place exposes the site to unauthenticated remote code execution and account takeover.