CVE-2024-5756 (CVSS 9.8): Critical Icegram Express Flaw Puts 90,000 WordPress Sites at Risk
A critical vulnerability in Icegram Express, a popular email marketing plugin for WordPress with over 90,000 active installations, could put sensitive user data at risk. Tracked as CVE-2024-5756 (CVSS 9.8), the flaw allows unauthenticated attackers to inject SQL into the plugin’s database queries, potentially leading to a massive data breach.
The Threat: SQL Injection
The CVE-2024-5756 vulnerability, identified as a time-based (blind) SQL injection, lets attackers run unauthorized queries against the underlying database and infer the results from how long the server takes to respond. This means that threat actors could potentially gain access to customer lists, email addresses, and even personal information stored within the WordPress site.
Widespread Impact
Icegram Express is widely used by businesses and individuals alike to manage email campaigns, build subscriber lists, and send targeted newsletters. The plugin’s popularity, combined with the severity of the vulnerability, makes this a significant cybersecurity concern.
No Known Exploits… Yet
While there are currently no reports of this vulnerability being actively exploited, it is crucial to note that unpatched vulnerabilities are often targeted by cybercriminals. Website owners need to take immediate action to protect their data and their users.
Patch Now!
The developers of Icegram Express have released a security update (version 5.7.24) that addresses the vulnerability. Website owners are strongly advised to update the plugin as soon as possible to mitigate the risk of a data breach.
Expert Advice
Security researcher Arkadiusz Hydzik, who discovered the flaw, emphasizes the importance of promptly patching vulnerabilities. He urges website administrators to take proactive measures to protect their systems and stay vigilant against potential threats.
What to Do if You Use Icegram Express:
- Update Immediately: Upgrade the plugin to the latest version (5.7.24 or higher) without delay.
- Review Your Data: While there is no evidence of active exploitation, it’s wise to audit your database and website logs for any suspicious activity.
- Seek Professional Help: If you’re unsure how to patch the vulnerability or believe your site may have been compromised, consult a cybersecurity professional.
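One concrete way to carry out the "Review Your Data" step above is to scan web-server access logs for the delay primitives that time-based SQL injection probes rely on. The script below is an added example, not code from the article or from the Icegram Express project; the log lines, the endpoint path and the `param` query parameter are constructed placeholders, not the plugin's real vulnerable endpoint, which the article does not name.

```python
"""Flag time-based SQL injection probes in Apache/nginx combined access logs."""
import re
from urllib.parse import unquote_plus

# Apache/nginx "combined" log format: ip ident user [time] "METHOD URI PROTO" status size
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Delay primitives used by time-based SQL injection (MySQL, MSSQL, PostgreSQL).
TIME_SQLI_RE = re.compile(
    r"(sleep\s*\(|benchmark\s*\(|waitfor\s+delay|pg_sleep\s*\()", re.IGNORECASE
)


def decode_uri(uri: str) -> str:
    """URL-decode repeatedly so double-encoded payloads are still visible."""
    prev = None
    while uri != prev:
        prev, uri = uri, unquote_plus(uri)
    return uri


def parse_line(line: str):
    """Return the parsed fields of one log line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["decoded_uri"] = decode_uri(rec["uri"])
    return rec


def find_time_based_sqli(lines):
    """Return (ip, decoded_uri) for every request carrying a delay primitive."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec and TIME_SQLI_RE.search(rec["decoded_uri"]):
            hits.append((rec["ip"], rec["decoded_uri"]))
    return hits


# Constructed sample lines: a benign request, a single- and a double-encoded probe,
# and a search for "sleeping bag" that must not be flagged.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jun/2024:12:00:01 +0000] "GET /index.php?param=1 HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Jun/2024:12:00:02 +0000] "GET /index.php?param=1%27%20AND%20SLEEP%285%29--%20- HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Jun/2024:12:00:03 +0000] "GET /index.php?param=1%2527%2520AND%2520BENCHMARK%25285000000%252CMD5%25281%2529%2529 HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jun/2024:12:00:04 +0000] "GET /?s=sleeping+bag HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ip, uri in find_time_based_sqli(SAMPLE_LOG):
        print(ip, uri)
```

Access logs only record the request line, so a probe delivered in a POST body will not appear here; for those, enable request-body logging at the web server or WAF and feed that output through the same matcher.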