CVE-2024-50531

10.0 CRITICAL

📋 TL;DR

This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress sites running the RSVPMaker for Toastmasters plugin. Attackers can gain full control of affected websites, potentially compromising all site data and functionality. All WordPress installations using vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • RSVPMaker for Toastmasters WordPress plugin
Versions: All versions up to and including 6.2.4
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with plugin activated.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete website takeover, data theft, defacement, malware distribution, and use as pivot point for attacking other systems.

🟠 Likely Case

Website compromise leading to data theft, defacement, or installation of backdoors for persistent access.

🟢 If Mitigated

Limited impact if file uploads are restricted via web application firewall or other controls.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is straightforward once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.2.5 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/rsvpmaker-for-toastmasters/wordpress-rsvpmaker-for-toastmasters-plugin-6-2-4-arbitrary-file-upload-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find RSVPMaker for Toastmasters.
4. Click 'Update Now' if available.
5. Alternatively, download the latest version from the WordPress repository and replace the plugin files.

🔧 Temporary Workarounds

Disable plugin

Platform: all

Temporarily deactivate the vulnerable plugin until patched.

Restrict file uploads via .htaccess

Platform: Linux (Apache, with AllowOverride permitting .htaccess in the upload directory)

Block execution of uploaded files in upload directories by placing the following in an .htaccess file there. The directives below use Apache 2.2 access-control syntax; on Apache 2.4 without mod_access_compat, replace the Order/Deny lines with Require all denied. This stops the web server from serving PHP-family files from the directory; it does not stop the upload itself.

# Deny direct requests to PHP-family files under the upload directory
<FilesMatch "\.(php|php5|php7|phtml|phar)$">
  Order Allow,Deny
  Deny from all
</FilesMatch>

🧯 If You Can't Patch

  • Disable the RSVPMaker for Toastmasters plugin immediately.
  • Implement web application firewall rules to block malicious file uploads.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for RSVPMaker for Toastmasters version 6.2.4 or earlier.

Check Version:

wp plugin list --name=rsvpmaker-for-toastmasters --field=version

Verify Fix Applied:

Verify plugin version is 6.2.5 or later in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to wp-content/uploads/rsvpmaker directories
  • POST requests to plugin upload endpoints with executable file extensions

Network Indicators:

  • HTTP POST requests with file uploads to RSVPMaker endpoints
  • Subsequent requests to newly uploaded PHP files

SIEM Query:

source="web_server" AND (uri_path="/wp-content/plugins/rsvpmaker-for-toastmasters/*" AND method="POST" AND file_extension IN ("php", "phtml", "phar"))
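An added example (not from this advisory or the plugin) that applies the two log indicators above to a few constructed access-log lines: it flags POSTs to the plugin's own paths, any request for an executable file under wp-content/uploads, and correlates the two by client IP. The endpoint name upload.php in the sample is a placeholder, since the page does not name the plugin's actual upload handler.

```python
import re

# Apache/nginx "combined" access-log format: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)
PLUGIN_PATH = "/wp-content/plugins/rsvpmaker-for-toastmasters/"
UPLOADS_PATH = "/wp-content/uploads/"
# PHP-family extensions, with or without a trailing query string.
EXEC_EXT = re.compile(r"\.(php\d?|phtml|phar)(\?|$)", re.IGNORECASE)

# Constructed sample log; the upload.php endpoint name is a placeholder.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Nov/2024:12:00:01 +0000] "GET /wp-login.php HTTP/1.1" 200 1234
203.0.113.5 - - [10/Nov/2024:12:00:09 +0000] "POST /wp-content/plugins/rsvpmaker-for-toastmasters/upload.php HTTP/1.1" 200 87
203.0.113.5 - - [10/Nov/2024:12:00:15 +0000] "GET /wp-content/uploads/rsvpmaker/evil.php HTTP/1.1" 200 512
198.51.100.7 - - [10/Nov/2024:12:01:00 +0000] "GET /wp-content/uploads/2024/11/agenda.pdf HTTP/1.1" 200 40000
198.51.100.7 - - [10/Nov/2024:12:01:05 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 20
"""


def parse(line):
    """Return the parsed fields of one combined-format line, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_indicators(lines):
    """Return (uploads, executions, correlated): POSTs to the plugin path, requests for
    executable files under wp-content/uploads, and executions from an IP that earlier
    POSTed to the plugin (the highest-confidence signal)."""
    uploads, executions, correlated = [], [], []
    posted_ips = set()
    for line in lines:
        r = parse(line)
        if not r:
            continue
        if r["method"] == "POST" and r["uri"].startswith(PLUGIN_PATH):
            uploads.append(r)
            posted_ips.add(r["ip"])
        elif r["uri"].startswith(UPLOADS_PATH) and EXEC_EXT.search(r["uri"]):
            executions.append(r)  # PHP should never be served from uploads
            if r["ip"] in posted_ips:
                correlated.append(r)
    return uploads, executions, correlated


if __name__ == "__main__":
    for name, hits in zip(("uploads", "executions", "correlated"),
                          find_indicators(SAMPLE_LOG.splitlines())):
        print(name, [(h["ip"], h["uri"]) for h in hits])
```

Run it against a real access log with `find_indicators(open(path))`; the correlated list is the one worth paging on, the other two are lower-fidelity context.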
