CVE-2024-0779

8.8 HIGH

📋 TL;DR

The Enjoy Social Feed WordPress plugin through version 6.2.2 lacks authorization and CSRF (nonce) checks in functions hooked to admin_init, so an unauthenticated attacker can disconnect users' Instagram accounts. This affects all WordPress sites running a vulnerable version of the plugin.
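As an added illustration of the defect class named above (not the plugin's own code; every function, option and parameter name here is hypothetical), an admin_init callback that acts on a request parameter with no authorization or nonce check, beside a hardened form that adds the checks the advisory says are missing:

```php
<?php
// Added example, not code from the Enjoy Social Feed plugin. Function, option
// and parameter names are hypothetical; only the defect class (an admin_init
// callback without authorization or CSRF protection) comes from the advisory.

// VULNERABLE PATTERN: admin_init fires on every wp-admin page load, including
// admin-post.php and admin-ajax.php, and this callback trusts the request alone.
function esf_example_disconnect_vulnerable() {
    if ( isset( $_GET['esf_disconnect'] ) ) {
        // No capability check and no nonce: any request carrying the parameter
        // removes the stored Instagram token for the whole site.
        delete_option( 'esf_example_instagram_token' );
    }
}
// add_action( 'admin_init', 'esf_example_disconnect_vulnerable' );

// HARDENED PATTERN: require a logged-in user with the right capability, then a
// nonce bound to this action and this user, before changing any state.
function esf_example_disconnect_hardened() {
    if ( ! isset( $_GET['esf_disconnect'] ) ) {
        return;
    }
    // Authorization: only users allowed to manage settings may unlink the account.
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'You are not allowed to do that.' ), 403 );
    }
    // CSRF protection: the _wpnonce query argument must match this action
    // for the current user; check_admin_referer() dies on mismatch.
    check_admin_referer( 'esf_example_disconnect' );

    delete_option( 'esf_example_instagram_token' );
    wp_safe_redirect( admin_url( 'admin.php?page=esf-example&disconnected=1' ) );
    exit;
}
add_action( 'admin_init', 'esf_example_disconnect_hardened' );

// The settings-page link that triggers the hardened handler carries the
// matching nonce, so a forged cross-site request cannot reproduce it.
function esf_example_disconnect_link() {
    $url = add_query_arg( 'esf_disconnect', '1', admin_url( 'admin.php?page=esf-example' ) );
    return wp_nonce_url( $url, 'esf_example_disconnect' );
}
```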

💻 Affected Systems

Products:
  • Enjoy Social Feed WordPress Plugin
Versions: through 6.2.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with a vulnerable version of the plugin active.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could disconnect all users' Instagram integrations, potentially disrupting social media functionality and causing service disruption.

🟠 Likely Case

Malicious actors disconnect Instagram accounts from user profiles, causing inconvenience and potential loss of the social media integration.

🟢 If Mitigated

Limited impact with proper network segmentation and monitoring, though functionality could still be disrupted.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP requests can trigger the vulnerable functions without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.2.3 or later

Vendor Advisory: https://wpscan.com/vulnerability/ced134cf-82c5-401b-9476-b6456e1924e2/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find the Enjoy Social Feed plugin
4. Click 'Update Now' if available
5. If no update is available, deactivate and remove the plugin

🔧 Temporary Workarounds

Disable Plugin (applies to: all)

Temporarily deactivate the Enjoy Social Feed plugin:

wp plugin deactivate enjoy-instagram-feed

Restrict Admin Access (applies to: all)

Use a web application firewall to block unauthenticated requests to the plugin's admin_init handlers.

🧯 If You Can't Patch

  • Implement web application firewall rules to block unauthenticated requests to the plugin's admin_init handlers
  • Monitor for unusual requests to plugin endpoints and apply rate limiting

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Enjoy Social Feed version number

Check Version:

wp plugin get enjoy-instagram-feed --field=version

Verify Fix Applied:

Verify plugin version is 6.2.3 or higher in WordPress admin

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests reaching admin_init handlers from unauthenticated clients
  • Multiple Instagram disconnect events

Network Indicators:

  • HTTP requests to /wp-admin/admin-post.php with action parameters related to Instagram disconnection

SIEM Query:

source="web_server"
  AND (uri_path="/wp-admin/admin-post.php" OR uri_path="/wp-admin/admin-ajax.php")
  AND http_method="POST"
  AND (param_action="unlink_instagram" OR (status_code=200 AND auth_status="unauthenticated"))
