CVE-2024-11109

4.8 MEDIUM

📋 TL;DR

This vulnerability in the WP Google Review Slider WordPress plugin is a stored cross-site scripting (XSS) issue: some plugin settings are saved without sanitisation and rendered without escaping, so a user with the administrator role can store a script payload that executes in the browser of any other privileged user who opens those settings. It affects WordPress sites running the plugin before version 15.6. It matters chiefly where the unfiltered_html capability is disallowed, which is the case for site administrators on multisite networks and for any install that sets DISALLOW_UNFILTERED_HTML; where an administrator already holds unfiltered_html, the plugin grants nothing that account could not already do.

💻 Affected Systems

Products:
  • WP Google Review Slider WordPress Plugin
Versions: All versions before 15.6
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires an account with the administrator role. Most relevant on WordPress multisite, where only Super Admins hold the unfiltered_html capability and site administrators are otherwise prevented from posting script, and on single-site installs with DISALLOW_UNFILTERED_HTML set.

⚠️ Risk & Real-World Impact

🔴 Worst Case

A malicious administrator stores JavaScript in the plugin settings; it runs with the session of every other user who opens that settings page, typically other administrators or, on multisite, the Super Admin. Because WordPress sets its authentication cookies HttpOnly, the realistic payload does not read cookies but issues authenticated requests from the victim's browser, performing any action the viewing user can, such as creating a new administrator or Super Admin account or changing site options.

🟠 Likely Case

A site administrator on a multisite network, who lacks unfiltered_html, uses the plugin settings to store a tracking script or defacement that other users see, or a payload aimed at a Super Admin's session.

🟢 If Mitigated

Exposure is limited to accounts that already hold the administrator role; with the plugin updated and administrator accounts tightly controlled and audited, the residual impact is minimal.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires an account with administrator privileges (a site administrator is enough on multisite). The affected settings are saved without sanitisation and rendered back into the admin page without escaping, so the stored value is interpreted as HTML/JavaScript rather than as text. No public proof of concept is listed, but the attack is an ordinary stored XSS: submit the payload through the settings form and wait for another privileged user to open the page.
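The pattern behind this bug class, shown here as an added example rather than the plugin's own code (the option name, form field name and function names are hypothetical): a settings handler that stores the submitted value verbatim and echoes it back unescaped, beside the hardened version that sanitises on input and escapes on output.

```php
<?php
// Added example, not code from the WP Google Review Slider plugin.
// Option name 'example_slider_title', form field 'slider_title' and the
// function names are hypothetical; the WordPress API calls are real.

// --- Vulnerable pattern ---------------------------------------------------
function example_save_settings_vulnerable() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    check_admin_referer( 'example_settings' );
    // No sanitisation: "<script>...</script>" is stored verbatim. The
    // unfiltered_html capability is never consulted, so a multisite site
    // admin (who does not hold it) can store script anyway.
    update_option( 'example_slider_title', wp_unslash( $_POST['slider_title'] ) );
}

function example_render_settings_vulnerable() {
    $title = get_option( 'example_slider_title', '' );
    // No escaping: a stored '"><script>...' closes the attribute and runs
    // in the browser of whoever views the settings page.
    echo '<input type="text" name="slider_title" value="' . $title . '">';
}

// --- Hardened pattern -----------------------------------------------------
function example_save_settings_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    check_admin_referer( 'example_settings' );
    $raw = isset( $_POST['slider_title'] ) ? wp_unslash( $_POST['slider_title'] ) : '';
    // sanitize_text_field() strips tags and control characters on input.
    // For a field that legitimately accepts limited HTML, wp_kses_post()
    // keeps safe markup and drops script, event handlers and javascript: URLs.
    update_option( 'example_slider_title', sanitize_text_field( $raw ) );
}

function example_render_settings_hardened() {
    $title = get_option( 'example_slider_title', '' );
    // Escape on output regardless of how the value got into the database:
    // esc_attr() inside attributes, esc_html() in element content.
    echo '<input type="text" name="slider_title" value="' . esc_attr( $title ) . '">';
}
```

The hardened version does not consult the unfiltered_html capability at all, which is the point: WordPress grants that capability only to Super Admins on multisite and removes it everywhere when DISALLOW_UNFILTERED_HTML is set, so a plugin that treats every administrator as trusted to post raw HTML reintroduces exactly what those controls remove. In a real plugin the same result is usually obtained by registering the option with register_setting() and a sanitize_callback, and escaping at every output site.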

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 15.6

Advisory (WPScan): https://wpscan.com/vulnerability/93619da1-a8d6-43b6-b1be-8d50ab6f29f7/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel (on multisite, use the Network Admin dashboard, since plugins are updated network-wide).
2. Navigate to Plugins → Installed Plugins.
3. Find 'WP Google Review Slider' and click 'Update Now'.
4. Verify that the listed version is 15.6 or higher after the update.

🔧 Temporary Workarounds

Temporary Plugin Deactivation (applies to: all)

Deactivate the plugin until it can be updated to a secure version. Confirm the slug first with `wp plugin list`; on multisite, add `--network` if the plugin is network-activated.

wp plugin deactivate wp-google-review-slider

Restrict Admin Access (applies to: all)

Temporarily restrict and audit administrator accounts to reduce the pool of users who could plant a payload. Note that disallowing unfiltered_html is not a mitigation here: the vulnerability is precisely that the plugin lets an administrator store script even when that capability is disallowed.

🧯 If You Can't Patch

  • Deploy a Content Security Policy to limit what injected script can do; treat it as a partial control, since WordPress admin pages depend on inline scripts and a policy strict enough to block stored XSS on wp-admin needs nonces or hashes and careful testing against core and other plugins
  • Regularly audit administrator activity and review the plugin's stored settings for HTML tags, event handlers or script where only plain text is expected

🔍 How to Verify

Check if Vulnerable:

Check plugin version in WordPress admin under Plugins → Installed Plugins. If version is below 15.6, you are vulnerable.

Check Version:

wp plugin get wp-google-review-slider --field=version

Verify Fix Applied:

After updating, verify the plugin version shows 15.6 or higher in the WordPress admin plugins list.

📡 Detection & Monitoring

Log Indicators:

  • Unusual modifications to plugin settings by admin users
  • JavaScript payloads in plugin configuration data

Network Indicators:

  • Unexpected external script loads from plugin pages
  • Suspicious outbound connections from admin sessions

SIEM Query:

source="wordpress" AND (event="plugin_settings_modified" OR event="admin_activity") AND plugin="wp-google-review-slider"

WordPress core writes no such events; the source and field names above are illustrative and assume an audit-logging plugin that records option changes and admin actions is forwarding to the SIEM. Adjust the field names to whatever that plugin emits.
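One way to look for the second log indicator above, script payloads in plugin configuration data, as an added example (not code from the plugin or this advisory): a PHP script run through wp-cli with `wp eval-file` that scans the raw rows of the options table for script-like markers. The marker list is a heuristic chosen for this example; serialised option arrays are covered because the raw column value is matched.

```php
<?php
// Added example, not from the plugin or this advisory.
// Run with:  wp eval-file scan-options.php
// Scans every row of wp_options for markers of stored script payloads.
// The regex list is a starting point, not a complete XSS grammar; review hits by hand.

defined( 'WP_CLI' ) || exit;

global $wpdb;

$markers = array(
    '/<script\b/i',                                        // script tag
    '/\bon(error|load|click|mouseover|focus|toggle)\s*=/i', // common inline event handlers
    '/javascript\s*:/i',                                   // javascript: URL
    '/<(iframe|object|embed|svg)\b/i',                     // other script-bearing elements
);

// Raw column values, so serialised arrays and JSON blobs are searched as-is.
$rows = $wpdb->get_results(
    "SELECT option_name, option_value FROM {$wpdb->options}",
    ARRAY_A
);

$hits = array();
foreach ( $rows as $row ) {
    foreach ( $markers as $re ) {
        if ( preg_match( $re, $row['option_value'], $m ) ) {
            $pos     = strpos( $row['option_value'], $m[0] );
            $excerpt = substr( $row['option_value'], max( 0, $pos - 40 ), 120 );
            $hits[]  = array(
                'option'  => $row['option_name'],
                'marker'  => $m[0],
                'excerpt' => preg_replace( '/\s+/', ' ', $excerpt ),
            );
            break; // one report per option is enough
        }
    }
}

if ( empty( $hits ) ) {
    WP_CLI::success( 'No script markers found in ' . $wpdb->options . '.' );
} else {
    WP_CLI::warning( count( $hits ) . ' option(s) contain script-like content:' );
    foreach ( $hits as $h ) {
        WP_CLI::line( sprintf( '%s  [%s]  ...%s...', $h['option'], $h['marker'], $h['excerpt'] ) );
    }
}
```

Run it once per site on multisite (`wp eval-file scan-options.php --url=https://site.example`), since each site has its own options table. Expect some hits from plugins that legitimately store analytics or tracking snippets; compare against a baseline taken from a known-good copy of the site rather than treating every match as an indicator.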
