CVE-2024-32779 – This CVE describes a Missing Authorization vuln... (How to Fix)

Q: What is the severity of CVE-2024-32779?

CVE-2024-32779 has a CVSS score of 5.3 (MEDIUM). This CVE describes a Missing Authorization vulnerability in the Avirtum Vision Interactive WordPress plugin (Vision Image Map Builder). It allows unauthorized users to access functionality that should require proper authentication. This affects all WordPress sites running the plugin from any version up to and including 1.7.1.

📋 TL;DR

This CVE describes a Missing Authorization vulnerability in the Avirtum Vision Interactive WordPress plugin (Vision Image Map Builder). It allows unauthorized users to access functionality that should require proper authentication. This affects all WordPress sites running the plugin from any version up to and including 1.7.1.

💻 Affected Systems

Products:

Avirtum Vision Interactive (Vision Image Map Builder WordPress plugin)

Versions: All versions up to and including 1.7.1

Operating Systems: Any OS running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: Affects WordPress installations with the Vision Image Map Builder plugin installed and activated.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Unauthorized users could modify image maps, inject malicious content, or potentially escalate privileges to compromise the WordPress site.

🟠

Likely Case

Unauthorized users can access and modify image map builder functionality, potentially defacing websites or injecting unwanted content.

🟢

If Mitigated

With proper access controls and authentication checks, only authorized administrators can access the plugin's functionality.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

The vulnerability involves missing authorization checks, making exploitation straightforward once the vulnerable endpoint is identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.7.2 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/vision/wordpress-vision-image-map-builder-plugin-1-7-1-broken-access-control-vulnerability

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Vision Image Map Builder' plugin. 4. Click 'Update Now' if update is available. 5. Alternatively, download version 1.7.2+ from WordPress repository and manually update.

🔧 Temporary Workarounds

Disable Plugin

all

Temporarily disable the vulnerable plugin until patched

wp plugin deactivate vision

Restrict Access via .htaccess

linux

Block access to plugin directories via web server configuration

# Add to .htaccess in WordPress root:
<IfModule mod_authz_core.c>
    <LocationMatch "^/wp-content/plugins/vision">
        Require all denied
    </LocationMatch>
</IfModule>

🧯 If You Can't Patch

Remove the Vision Image Map Builder plugin entirely from the WordPress installation
Implement strict network access controls to limit who can access the WordPress admin interface

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for 'Vision Image Map Builder' version 1.7.1 or earlier

Check Version:

wp plugin get vision --field=version

Verify Fix Applied:

Verify plugin version is 1.7.2 or later in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

Unauthorized access attempts to /wp-content/plugins/vision/ endpoints
POST requests to vision plugin endpoints from unauthenticated users

Network Indicators:

HTTP requests to /wp-content/plugins/vision/ from unauthorized IPs

SIEM Query:

source="web_access_logs" AND uri="/wp-content/plugins/vision/*" AND (user="-" OR status=403)

📊 Metadata

CVE ID: CVE-2024-32779

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE: CWE-862

Published: June 9, 2024

Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-32779, you might also want to check these: