The Kognetiks Chatbot for WordPress plugin integrates AI-driven chatbot assistants into WordPress sites. CVE-2024-11143 affects all versions up to and including 2.1.8: the update_assistant, add_new_assistant, and delete_assistant functions are reachable without correct nonce validation, which leaves them open to Cross-Site Request Forgery (CSRF). The attacker does not need an account on the target site. The forged request is submitted by the administrator's own browser, carrying the administrator's session cookies, once the administrator has been tricked into performing an action such as clicking a link, so the request arrives with full administrative privileges. This post covers the exploit details, the fix, and the original references.
Exploit Details and Code Snippet
The CSRF vulnerability in the Kognetiks Chatbot for WordPress plugin results from improper or missing nonce validation on the update_assistant, add_new_assistant, and delete_assistant functions. A WordPress nonce is the plugin's only evidence that a state-changing POST originated from a form the site itself rendered; without that check, any origin can submit the request.
The following code snippet illustrates the affected part of the plugin. It is deliberately shown in its vulnerable form: the handler is hooked to admin_init, so it runs on every admin request, and it dispatches to the assistant functions based solely on POST fields that an attacker can set in a forged form.

    function kognetiks_chatbot_process_form() {
        // Missing or incorrect nonce validation: nothing proves that this POST
        // came from a form the plugin rendered, and no capability check runs
        // before the assistant functions are called.
        if (isset($_POST['kognetiks_chatbot_save']) && $_POST['kognetiks_chatbot_save'] === 'Save') {
            update_assistant();
        } elseif (isset($_POST['kognetiks_chatbot_add_new']) && $_POST['kognetiks_chatbot_add_new'] === 'Add New') {
            add_new_assistant();
        } elseif (isset($_POST['kognetiks_chatbot_delete']) && $_POST['kognetiks_chatbot_delete'] === 'Delete') {
            delete_assistant();
        }
    }
    // admin_init fires on every wp-admin page load, so any admin page an
    // administrator's browser is driven to will reach this handler.
    add_action('admin_init', 'kognetiks_chatbot_process_form');
Here, no nonce check guards the dispatch, which is the CSRF condition. An attacker hosts a page containing an HTML form whose action is any wp-admin URL on the target site and whose hidden fields set, for example, kognetiks_chatbot_delete=Delete together with the assistant parameters the functions expect, then tricks a logged-in administrator into opening that page. The browser submits the form with the administrator's session cookies, WordPress authenticates the request as the administrator, admin_init fires, and the plugin calls delete_assistant, update_assistant, or add_new_assistant on the attacker's behalf. Because the handler only inspects the POST body, the same-origin policy offers no protection: the attacker never needs to read the response, only to cause the request.
Solution
A patch has been released for Kognetiks Chatbot for WordPress; update the plugin to version 2.1.9 or later. The update adds proper nonce validation to the affected handlers. When reviewing a fix like this, check two things: that the nonce is verified (wp_verify_nonce or check_admin_referer) before any of the assistant functions is called, and that a capability check such as current_user_can('manage_options') accompanies it. A nonce proves that the request came from a form the site rendered for that user; it does not by itself prove the user is allowed to perform the action.
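The following is an added example of how the handler above can be hardened; it is not the plugin's own code or the vendor's actual patch. It reuses the field names from the snippet on this page, assumes the plugin's update_assistant, add_new_assistant, and delete_assistant functions exist, and chooses the nonce action name 'kognetiks_chatbot_assistant_form', the nonce field name 'kognetiks_chatbot_nonce', and the form-rendering function as illustrative assumptions. The WordPress functions used (wp_nonce_field, wp_verify_nonce, current_user_can, wp_unslash, sanitize_text_field, wp_die, add_action) are the standard core API.

```php
<?php
// Added example, not the plugin's code. Hardened form handler for the
// assistant management screen. Names marked "assumed" are illustrative.

// Render the admin form with a nonce field. wp_nonce_field() emits a hidden
// input named 'kognetiks_chatbot_nonce' (assumed name) whose value is tied
// to the current user's session and to the action string below.
function kognetiks_chatbot_render_assistant_form() {
    ?>
    <form method="post">
        <?php wp_nonce_field( 'kognetiks_chatbot_assistant_form', 'kognetiks_chatbot_nonce' ); ?>
        <input type="text" name="assistant_name" />
        <input type="submit" name="kognetiks_chatbot_save" value="Save" />
        <input type="submit" name="kognetiks_chatbot_add_new" value="Add New" />
        <input type="submit" name="kognetiks_chatbot_delete" value="Delete" />
    </form>
    <?php
}

function kognetiks_chatbot_process_form() {
    // Map each submit button to the plugin function it triggers (the
    // assistant functions are assumed to exist in the plugin).
    $actions = array(
        'kognetiks_chatbot_save'    => array( 'Save',    'update_assistant' ),
        'kognetiks_chatbot_add_new' => array( 'Add New', 'add_new_assistant' ),
        'kognetiks_chatbot_delete'  => array( 'Delete',  'delete_assistant' ),
    );

    // Decide first whether this request is for us at all. admin_init fires on
    // every wp-admin page load, so the checks below must not run (and must
    // not wp_die) on unrelated admin requests.
    $handler = null;
    foreach ( $actions as $field => $spec ) {
        if ( isset( $_POST[ $field ] ) && $_POST[ $field ] === $spec[0] ) {
            $handler = $spec[1];
            break;
        }
    }
    if ( null === $handler ) {
        return;
    }

    // 1. Authorization. A nonce proves intent, not permission, so the
    //    capability check comes first: only users who can manage the site may
    //    create, modify, or delete assistants.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to manage chatbot assistants.', 403 );
    }

    // 2. Intent (the CSRF defence). A page on another origin cannot read the
    //    nonce out of the admin's form, so a forged POST arrives without a
    //    valid 'kognetiks_chatbot_nonce' and is rejected here.
    $nonce = isset( $_POST['kognetiks_chatbot_nonce'] )
        ? sanitize_text_field( wp_unslash( $_POST['kognetiks_chatbot_nonce'] ) )
        : '';
    if ( ! wp_verify_nonce( $nonce, 'kognetiks_chatbot_assistant_form' ) ) {
        wp_die( 'Security check failed. Please reload the page and try again.', 403 );
    }

    // Both checks passed: the request came from this site's own form, submitted
    // by a user who is allowed to perform the action.
    call_user_func( $handler );
}
add_action( 'admin_init', 'kognetiks_chatbot_process_form' );
```

Two design choices are worth noting. The handler returns early unless one of its own submit buttons is present, because a nonce check that runs unconditionally on admin_init would reject every other admin page load. And the capability check precedes the nonce check deliberately: wp_verify_nonce returns false for a logged-out user as well, but failing closed on authorization first gives a clearer error and keeps the two concerns separate when the code is reviewed later.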
Updating is the only real fix; user caution is a weak secondary control, because a CSRF attack needs no download and no click on a visibly suspicious link. Simply loading a page that auto-submits a hidden form is enough while an administrator is logged in. Administrators can reduce exposure by logging out of wp-admin when not actively using it and by avoiding browsing untrusted sites from a browser that holds an active administrator session.
Original References
1. CVE-2024-11143 Official Listing
2. Kognetiks Chatbot for WordPress Plugin Homepage
3. Kognetiks Chatbot for WordPress 2.1.9 Update
4. Cross-Site Request Forgery Explained
Conclusion
While Kognetiks Chatbot for WordPress offers valuable functionality for website developers, the recent CSRF vulnerability (CVE-2024-11143) highlights the importance of ongoing security updates and user awareness. By staying up-to-date with the latest plugin versions, understanding potential exploit methods, and using caution when handling unfamiliar links and attachments, website administrators can help protect their sites from unauthorized alterations and other security threats.
Timeline
Published on: 11/13/2024 03:15:05 UTC
Last modified on: 11/18/2024 15:03:56 UTC