CVE-2024-35635
📋 TL;DR
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in the Ninja Tables WordPress plugin by WPManageNinja LLC. It allows attackers to make unauthorized requests from the vulnerable server to internal or external systems. WordPress sites using affected versions of Ninja Tables are vulnerable.
💻 Affected Systems
- Ninja Tables WordPress Plugin
📦 What is this software?
Ninja Tables by WPManageNinja LLC, a WordPress plugin for building and displaying data tables.
⚠️ Risk & Real-World Impact
Worst Case
Attackers could access internal services, perform port scanning, interact with cloud metadata services, or chain with other vulnerabilities to achieve remote code execution.
Likely Case
Information disclosure from internal services, limited internal network reconnaissance, or abuse of server resources for external attacks.
If Mitigated
Limited impact if network segmentation restricts server outbound connections and internal services require authentication.
🎯 Exploit Status
Exploitation likely requires some level of WordPress user access, though specific authentication requirements aren't detailed in available references.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.1.0 or later
Vendor Advisory: https://patchstack.com/database/vulnerability/ninja-tables/wordpress-ninja-tables-plugin-5-0-9-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Ninja Tables and click 'Update Now'.
4. Verify the version is 5.1.0 or higher.
🔧 Temporary Workarounds
Disable Ninja Tables Plugin
Temporarily deactivate the vulnerable plugin until patching is possible.
wp plugin deactivate ninja-tables
Network Restriction
Restrict outbound HTTP/HTTPS requests from the web server to only necessary destinations.
🧯 If You Can't Patch
- Implement web application firewall (WAF) rules to block SSRF patterns in requests
- Restrict server outbound network access using firewall rules
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Ninja Tables version. If version is 5.0.9 or lower, the site is vulnerable.
Check Version:
wp plugin get ninja-tables --field=version
Verify Fix Applied:
After updating, confirm Ninja Tables version is 5.1.0 or higher in WordPress admin.
📡 Detection & Monitoring
Log Indicators:
- Unusual outbound HTTP requests from web server to internal IPs or unexpected domains
- Multiple rapid requests to different internal endpoints from same source
Network Indicators:
- Web server making unexpected HTTP requests to internal network segments
- Requests to cloud metadata services (169.254.169.254, etc.)
SIEM Query:
source="web_server_logs" AND (uri CONTAINS "ninja-tables" OR user_agent CONTAINS "NinjaTables") AND (status_code=200 OR status_code=302) AND (dst_ip IN internal_ranges OR dst_ip=169.254.169.254)
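As an added example that is not part of this advisory, the following Python script applies the log indicators above to constructed egress-log lines (the log format, field names and sample addresses are assumptions): it flags outbound requests from the web host to RFC 1918, loopback or link-local destinations, reports the cloud metadata address separately, and raises a burst alert when several distinct internal hosts are reached.

```python
import ipaddress

# Constructed sample egress log lines (syslog-like, as an outbound proxy on the web host might emit).
# Format: "<timestamp> src=<ip> dst=<ip> dport=<port> host=<Host header> uri=<path>"
SAMPLE_LOG = """\
2024-06-01T10:00:01Z src=10.0.1.20 dst=151.101.1.69 dport=443 host=api.example.com uri=/feed.json
2024-06-01T10:00:03Z src=10.0.1.20 dst=169.254.169.254 dport=80 host=169.254.169.254 uri=/latest/meta-data/
2024-06-01T10:00:04Z src=10.0.1.20 dst=10.0.2.15 dport=8080 host=10.0.2.15 uri=/admin
2024-06-01T10:00:05Z src=10.0.1.20 dst=10.0.2.16 dport=6379 host=10.0.2.16 uri=/
2024-06-01T10:00:06Z src=10.0.1.20 dst=93.184.216.34 dport=443 host=example.com uri=/
"""

# Destinations a plugin fetching public table data has no business reaching:
# RFC 1918, loopback and link-local (which contains the cloud metadata address).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]
METADATA_IP = ipaddress.ip_address("169.254.169.254")

def parse_line(line: str) -> dict:
    """Split one 'key=value' egress log line into a dict; the timestamp is stored under 'ts'."""
    ts, _, rest = line.partition(" ")
    fields = dict(kv.split("=", 1) for kv in rest.split())
    fields["ts"] = ts
    return fields

def classify(dst: str) -> str:
    """Return 'metadata', 'internal' or 'external' for a destination IP string."""
    ip = ipaddress.ip_address(dst)
    if ip == METADATA_IP:
        return "metadata"
    return "internal" if any(ip in net for net in INTERNAL_NETS) else "external"

def find_ssrf_indicators(log_text: str, burst_threshold: int = 2) -> list:
    """Return one alert per request to a metadata/internal destination, plus a 'burst'
    alert when the source reached at least burst_threshold distinct internal hosts."""
    alerts, internal_hosts = [], set()
    for line in filter(str.strip, log_text.splitlines()):
        ev = parse_line(line)
        kind = classify(ev["dst"])
        if kind != "external":
            alerts.append({"ts": ev["ts"], "dst": ev["dst"], "uri": ev["uri"], "reason": kind})
            internal_hosts.add(ev["dst"])
    if len(internal_hosts) >= burst_threshold:
        alerts.append({"ts": "-", "dst": ",".join(sorted(internal_hosts)), "uri": "-", "reason": "burst"})
    return alerts

if __name__ == "__main__":
    for a in find_ssrf_indicators(SAMPLE_LOG):
        print(f"{a['ts']} {a['reason']:8} dst={a['dst']} uri={a['uri']}")
```

Point the script at real egress-proxy or firewall logs by replacing SAMPLE_LOG; requests that legitimately reach internal hosts should be allow-listed by destination before alerting.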
🔗 References
- https://patchstack.com/database/vulnerability/ninja-tables/wordpress-ninja-tables-plugin-5-0-9-server-side-request-forgery-ssrf-vulnerability?_s_id=cve