RCE vulnerability in a WordPress plugin threatens tens of thousands of websites

Published 2025-04-18 (updated 2026-02-03)
Source: https://infosec.new88088.net/2025/04/18/lo-hong-rce-trong-plugin-wordpress-de-doa-hang-chuc-nghin-website/

A serious security vulnerability has been discovered in RomethemeKit For Elementor, a popular WordPress plugin currently deployed on more than 30,000 websites worldwide. The flaw lets an authenticated user achieve remote code execution (RCE) and, from there, take full control of the website and the server hosting it. The root cause is improper authorization: the plugin exposes a privileged action without the security checks that should guard it.

The vulnerability is tracked as CVE-2025-30911 and rated critical with a CVSS score of 9.9/10. According to the technical analysis, the weakness lies in the plugin's install_requirements() function, which is reachable through the wp_ajax_install_requirements hook. The function performs neither a capability check on the calling user nor nonce verification, the WordPress mechanism intended to reject forged (cross-site) requests. Note that a nonce alone would not have closed the hole: nonces defend against cross-site request forgery, not against a logged-in low-privilege user who calls the action directly; the capability check is what decides who may install plugins.

Because these protections are missing, any user logged in to the site, including accounts with the lowest role such as Subscriber, can exploit the flaw. Handlers registered on a wp_ajax_{action} hook run for every authenticated user, so a Subscriber account is all that is needed to reach the function. An attacker can install and activate arbitrary plugins on the site, including malicious plugins under their own control. Once a malicious plugin is installed and activated, the attacker can execute arbitrary code on the server, take over the website, steal data, inject malware, or use the system as a foothold for further attacks.

RomethemeKit For Elementor is designed to help users build websites quickly with Elementor, providing ready-made templates, widgets, icons and design blocks. Because it targets users without programming skills, it is widely used on small-business websites, personal blogs and online shops. That popularity gives CVE-2025-30911 a large blast radius and makes it especially dangerous if exploited at scale.

Security experts advise WordPress administrators to check immediately whether their sites use RomethemeKit For Elementor; the installed version is listed under Plugins > Installed Plugins in the dashboard. If the plugin is present, upgrade to version 1.5.5 or later, where the developer has fully patched the flaw. Administrators should also review user accounts, remove login access that is not needed (every extra Subscriber account is a potential entry point for this bug), and deploy additional protections such as a web application firewall (WAF) and monitoring for anomalous activity, for example plugin installations or activations by accounts that should never perform them. Timely updates and strict access management are the key factors in reducing exposure to critical vulnerabilities in the WordPress ecosystem.
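The pattern behind the flaw and its hardened form, as an added illustration written for this page rather than RomethemeKit's actual code. Only the hook name wp_ajax_install_requirements and the function name install_requirements come from the article; the function names vuln_install_requirements and safe_install_requirements, the rtk_do_install() helper, the nonce action name 'rtk_install_requirements', the 'plugin' and 'nonce' request parameters and the allow-list contents are all assumptions made for the example.

```php
<?php
/**
 * Added illustration (not RomethemeKit's code) of the CVE-2025-30911 pattern:
 * a privileged AJAX action exposed without a capability check or a nonce.
 *
 * Assumptions (hypothetical, not from the article): rtk_do_install() as the
 * install/activate helper, the nonce action 'rtk_install_requirements', the
 * request parameters 'plugin' and 'nonce', and the allow-list below.
 */

// Hypothetical helper: downloads a plugin package and activates it.
// This is the capability an attacker reuses once they can reach the handler.
function rtk_do_install( $package_url, $plugin_file ) {
    require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
    require_once ABSPATH . 'wp-admin/includes/plugin.php';
    $upgrader = new Plugin_Upgrader( new Automatic_Upgrader_Skin() );
    $result   = $upgrader->install( $package_url );
    if ( is_wp_error( $result ) || ! $result ) {
        return false;
    }
    return null === activate_plugin( $plugin_file );
}

// --- Vulnerable pattern ---------------------------------------------------
// wp_ajax_{action} fires for *any* logged-in user, Subscriber included.
// Nothing here asks who the caller is, whether the request was intended,
// or what is being installed: a caller-supplied package URL goes straight in.
add_action( 'wp_ajax_install_requirements', 'vuln_install_requirements' );
function vuln_install_requirements() {
    $package = isset( $_POST['package'] ) ? $_POST['package'] : '';
    $plugin  = isset( $_POST['plugin'] ) ? $_POST['plugin'] : '';
    rtk_do_install( $package, $plugin );   // attacker-controlled plugin => RCE
    wp_send_json_success();
}

// --- Hardened pattern -----------------------------------------------------
add_action( 'wp_ajax_install_requirements', 'safe_install_requirements' );
function safe_install_requirements() {
    // 1. CSRF: the request must carry a nonce issued for this action.
    //    check_ajax_referer() terminates the request when it is missing/invalid.
    check_ajax_referer( 'rtk_install_requirements', 'nonce' );

    // 2. Authorization: only users who may install AND activate plugins.
    //    This is the check whose absence lets a Subscriber reach RCE; a nonce
    //    on its own would not stop a logged-in low-privilege caller.
    if ( ! current_user_can( 'install_plugins' ) || ! current_user_can( 'activate_plugins' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // 3. Input: resolve the requirement from a fixed allow-list instead of
    //    trusting a caller-supplied package URL or plugin path, so the handler
    //    can never be turned into an arbitrary plugin installer.
    $allowed = array(
        'elementor' => array(
            'package' => 'https://downloads.wordpress.org/plugin/elementor.latest-stable.zip',
            'file'    => 'elementor/elementor.php',
        ),
    );
    $key = isset( $_POST['plugin'] ) ? sanitize_key( wp_unslash( $_POST['plugin'] ) ) : '';
    if ( ! isset( $allowed[ $key ] ) ) {
        wp_send_json_error( array( 'message' => 'Unknown requirement.' ), 400 );
    }

    if ( ! rtk_do_install( $allowed[ $key ]['package'], $allowed[ $key ]['file'] ) ) {
        wp_send_json_error( array( 'message' => 'Installation failed.' ), 500 );
    }
    wp_send_json_success();
}

// The admin page that triggers the install must be handed a matching nonce,
// e.g. through wp_localize_script() with wp_create_nonce( 'rtk_install_requirements' ),
// and send it back as the 'nonce' POST field.
```

The order of the three checks matters in practice: the nonce check rejects forged requests before any work is done, the capability check is the actual authorization decision, and the allow-list keeps the handler from becoming a general-purpose installer even for an administrator whose session has been hijacked. A WAF rule that blocks POSTs to admin-ajax.php with action=install_requirements from non-administrator sessions is a stopgap until version 1.5.5 or later is installed, not a replacement for it.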