A critical security flaw, identified as CVE-2024-1071, was discovered in the Ultimate Member plugin for WordPress, affecting over 200,000 active installations. The vulnerability carries a high-severity CVSS score of 9.8 and allows SQL injection via the ‘sorting’ parameter, because user-supplied input is not sufficiently escaped and the SQL query is not properly prepared before execution. Unauthenticated attackers could exploit this flaw to execute additional SQL queries, potentially extracting sensitive data from the database.
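The root cause described above, a sort value that reaches the query without being prepared, is illustrated by the following added example in Python (it is not Ultimate Member's PHP code). It assumes the value is used to build an ORDER BY clause, which cannot be passed as a bound parameter, so the fix is an allowlist that maps request values to fixed SQL fragments:

```python
import sqlite3

# Constructed demo table; not the plugin's real schema.
SCHEMA = """
CREATE TABLE members (id INTEGER PRIMARY KEY, display_name TEXT, joined TEXT);
INSERT INTO members VALUES (1, 'ann', '2023-05-01'), (2, 'bob', '2022-11-12');
"""

def vulnerable_query(sorting: str) -> str:
    # ORDER BY cannot be a bound parameter, so this builder pastes the
    # user-controlled value straight into the statement: whatever arrives
    # in the request becomes SQL.
    return f"SELECT id, display_name FROM members ORDER BY {sorting}"

# Allowlist: the only sort keys the application actually supports.
# The request value is a lookup key, never SQL text.
ALLOWED_SORT = {
    "name": "display_name ASC",
    "newest": "joined DESC",
    "oldest": "joined ASC",
}

def safe_query(sorting: str) -> str:
    # Resolve the request value to a fixed fragment; anything not in the
    # allowlist is rejected before it reaches the query builder.
    try:
        return f"SELECT id, display_name FROM members ORDER BY {ALLOWED_SORT[sorting]}"
    except KeyError:
        raise ValueError(f"unsupported sort key: {sorting!r}") from None

def is_safe(sorting: str) -> bool:
    """True when the hardened builder accepts the value, False when it rejects it."""
    try:
        safe_query(sorting)
        return True
    except ValueError:
        return False

def run(sql: str) -> list:
    # Execute against a throwaway in-memory database seeded with the demo rows.
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    rows = conn.execute(sql).fetchall()
    conn.close()
    return rows

if __name__ == "__main__":
    print(run(safe_query("newest")))
    # Constructed hostile value: embedded verbatim by the vulnerable builder,
    # refused by the hardened one.
    hostile = "id, (SELECT 1)"
    print(hostile in vulnerable_query(hostile), is_safe(hostile))
```

A WAF signature such as the one Imperva ships blocks known payload shapes at the edge; the allowlist removes the injection point in the code itself, so both layers are worth having.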
Since its announcement, Imperva Threat Research has observed thousands of attempted attacks exploiting this vulnerability, primarily sqlmap payloads attempting to brute-force the vulnerability on sites in the Computing and IT industry. Attack groups, including the pro-Palestinian group “Handala”, are actively exploiting this vulnerability, which has led the Israeli and French governments to issue urgent warnings about this bug.
Imperva customers are protected against CVE-2024-1071. Imperva Cloud WAF and On-Prem customers with SecureSphere Emergency Feed enabled are protected out of the box. On-Prem customers without Emergency Feed will need to manually add the signature published via our Customer Portal. Even with protection, we urge our customers to remain vigilant and update their systems with the latest security patches.