CVE-2024-9193

Name of the Vulnerable Software and Affected Versions The WHMpress - WHMCS WordPress Integration Plugin versions up to, and including, 6.3-revision-0

Description The issue allows unauthenticated attackers to include and execute arbitrary files on the server via the whmpress domain search ajax extended results() function, enabling the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution. Attackers can update arbitrary options on the WordPress site, leveraging the "/admin/services.php" file to update the default role for registration to administrator and enable user registration, thereby gaining administrative user access to a vulnerable site.

Recommendations For versions up to, and including, 6.3-revision-0, as a temporary workaround, consider disabling the whmpress domain search ajax extended results() function until a patch is available. Restrict access to the "/admin/services.php" file to minimize the risk of exploitation. Avoid using this plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.