Security Vulnerability in WordPress Plugin CVE-2024-2876

Bar Refael

April 17, 2024

A critical security vulnerability has been identified in the “Email Subscribers by Icegram Express” WordPress plugin, which is active on over 90,000 websites. The vulnerability, tracked as CVE-2024-2876, is an unauthenticated SQL injection flaw: an attacker with no account on the site can append additional SQL to a query the plugin runs against the WordPress database. Successful exploitation can extract sensitive information such as usernames, email addresses, password hashes, and subscriber lists.

Vulnerability Details

  • CVE-ID: CVE-2024-2876
  • CVSS Score: 9.8 (Critical)
  • Vulnerable Versions: all versions up to and including 5.7.14
  • Patched Version: 5.7.15 and above

Exploit Mechanism

The vulnerability exists within the “run” function of the plugin’s IG_ES_Subscribers_Query class. A user-supplied parameter is neither escaped nor bound through a prepared statement before it is placed in the SQL query, so an attacker can close the intended expression and append SQL of their own (for example a UNION SELECT that reads from other tables). Because the request requires no authentication, any visitor can trigger it, impacting the confidentiality and integrity of data stored in the WordPress database.
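To make the bug class concrete, here is an added Python example. It is not the plugin’s code and does not reproduce the real vulnerable query; it runs a simplified subscriber lookup against an in-memory SQLite database filled with constructed sample data. The vulnerable function pastes the caller’s value into the SQL string, as described above, while the hardened function binds it as a parameter. The table names, columns and the `status` parameter are illustrative assumptions.

```python
import sqlite3

# Constructed sample data (not the plugin's real schema or content): a
# simplified subscriber table plus a WordPress-style wp_users table.
SUBSCRIBERS = [
    (1, "sub1@example.com", "subscribed"),
    (2, "sub2@example.com", "unsubscribed"),
]
WP_USERS = [
    (1, "admin", "$P$B-constructed-hash-1", "admin@example.com"),
    (2, "editor", "$P$B-constructed-hash-2", "editor@example.com"),
]


def build_db() -> sqlite3.Connection:
    """Create an in-memory database holding the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE ig_es_subscribers (id INTEGER, email TEXT, status TEXT)"
    )
    conn.execute(
        "CREATE TABLE wp_users (ID INTEGER, user_login TEXT, "
        "user_pass TEXT, user_email TEXT)"
    )
    conn.executemany("INSERT INTO ig_es_subscribers VALUES (?, ?, ?)", SUBSCRIBERS)
    conn.executemany("INSERT INTO wp_users VALUES (?, ?, ?, ?)", WP_USERS)
    conn.commit()
    return conn


def vulnerable_lookup(conn: sqlite3.Connection, status: str) -> list:
    """Vulnerable pattern: the user-controlled value is interpolated straight
    into the SQL text, so quote characters and keywords in it become SQL.
    This mirrors the bug class on this page; it is NOT the plugin's own code."""
    query = "SELECT email FROM ig_es_subscribers WHERE status = '%s'" % status
    return sorted(row[0] for row in conn.execute(query))


def hardened_lookup(conn: sqlite3.Connection, status: str) -> list:
    """Hardened form: the value is bound as a parameter, so the database only
    ever treats it as data, never as part of the statement."""
    query = "SELECT email FROM ig_es_subscribers WHERE status = ?"
    return sorted(row[0] for row in conn.execute(query, (status,)))


# A UNION-based payload: closes the quoted string, appends a second SELECT
# that reads login:hash pairs from wp_users, and comments out the trailing
# quote. The space after "--" matters for MySQL, which the plugin targets.
PAYLOAD = "x' UNION SELECT user_login || ':' || user_pass FROM wp_users -- "


def demo() -> dict:
    """Run the same payload through both lookups and return what each yields."""
    conn = build_db()
    return {
        "vulnerable_normal": vulnerable_lookup(conn, "subscribed"),
        "vulnerable_payload": vulnerable_lookup(conn, PAYLOAD),
        "hardened_payload": hardened_lookup(conn, PAYLOAD),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With the payload, the vulnerable lookup returns the user logins joined to their password hashes, which is exactly the exfiltration described above; the hardened lookup returns nothing because no subscriber has a status equal to the payload string. In a WordPress plugin the equivalent of the bound form is `$wpdb->prepare()` with `%s`/`%d` placeholders rather than building the query with string concatenation.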

Immediate Recommendations

  • Update Immediately: If you are using the “Email Subscribers by Icegram Express” plugin, upgrade to version 5.7.15 or newer as soon as possible to apply the security fix.
  • Audit Your Plugins: Regularly review all WordPress plugins and themes, remove any you no longer need, and keep the rest on their latest versions.
  • Install Security Plugins: Use a reputable WordPress security plugin or web application firewall to add a layer of defense against SQL injection and similar attacks. Treat this as a mitigation, not a substitute for applying the patch.
  • Enforce Strong Password Policies: Ensure that all accounts related to your WordPress site use strong, unique passwords. This reduces the risk from compromised credentials and, because this flaw can expose password hashes, limits the value of any hashes an attacker extracts, since strong passwords resist offline cracking.

Impact of Non-Compliance

Failing to update the affected plugin leaves websites susceptible to data breaches, unauthorized access, and use as a foothold for further network compromise. Given the severity of this vulnerability and the plugin’s wide install base, it is critical that all affected parties take immediate action to secure their installations.

Stay Secure. Stay Informed.

OP Innovate Research Team.
