HTTP: WordPress Better Search Replace Plugin Insecure Deserialization

This signature detects attempts to exploit a known vulnerability against WordPress Better Search Replace Plugin. A successful attack can lead to arbitrary code execution.

Extended Description

The GiveWP Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'give_title' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to execute code remotely, and to delete arbitrary files.

Affected Products

Givewp givewp

References

CVE: CVE-2024-5932

URL: https://wordpress.org/plugins/give/#developers https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/give/givewp-donation-plugin-and-fundraising-platform-3141-unauthenticated-php-object-injection-to-remote-code-execution

Short Name

HTTP:CTS:WP-BETTER-SEARCH-RCE

Severity

Major

Recommended

False

Recommended Action

Drop

HTTP: WordPress Better Search Replace Plugin Insecure Deserialization

Extended Description

Affected Products

References

Found a potential security threat?