CVE-2024-11429
📋 TL;DR
This vulnerability allows authenticated attackers with contributor-level access or higher to perform Local File Inclusion (LFI) via a WordPress shortcode in the Stars Testimonials plugin. Attackers can include and execute arbitrary PHP files on the server, potentially leading to remote code execution, data theft, or privilege escalation. All WordPress sites using vulnerable versions of this plugin are affected.
💻 Affected Systems
- Stars Testimonials with Slider and Masonry Grid WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full server compromise via remote code execution, leading to data exfiltration, ransomware deployment, or complete site takeover.
Likely Case
Unauthorized file access, privilege escalation to administrator, and installation of backdoors or malware.
If Mitigated
Limited impact if proper file upload restrictions and server hardening are in place, but still potential for information disclosure.
🎯 Exploit Status
Exploitation requires contributor-level WordPress credentials; LFI to RCE is straightforward if PHP files can be uploaded.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 3.3.4 or later
Vendor Advisory: https://wordpress.org/plugins/stars-testimonials-with-slider-and-masonry-grid/#developers
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Stars Testimonials with Slider and Masonry Grid'. 4. Click 'Update Now' if update is available. 5. Alternatively, delete the plugin and install the latest version from WordPress repository.
🔧 Temporary Workarounds
Disable Plugin
allTemporarily deactivate the vulnerable plugin until patched.
wp plugin deactivate stars-testimonials-with-slider-and-masonry-grid
Restrict User Roles
allRemove contributor and author roles from untrusted users to limit attack surface.
🧯 If You Can't Patch
- Implement strict file upload controls to prevent PHP file uploads via WordPress media library or other means.
- Use web application firewall (WAF) rules to block requests containing LFI patterns or suspicious shortcode parameters.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin > Plugins > Installed Plugins for 'Stars Testimonials with Slider and Masonry Grid' version 3.3.3 or lower.Check Version:
wp plugin get stars-testimonials-with-slider-and-masonry-grid --field=versionVerify Fix Applied:
Confirm plugin version is 3.3.4 or higher in WordPress admin panel.📡 Detection & Monitoring
Log Indicators:
- Unusual shortcode usage in POST requests
- File inclusion attempts in web server logs (e.g., '../', 'php://')
- Unexpected PHP file executions from plugin directories
Network Indicators:
- HTTP requests to plugin files with suspicious parameters
- Traffic spikes from contributor-level user accounts
SIEM Query:
source="web_logs" AND (uri="*stars-testimonials*" AND (param="*../*" OR param="*php://*"))🔗 References
- https://plugins.trac.wordpress.org/browser/stars-testimonials-with-slider-and-masonry-grid/tags/3.3.2/plugin.class.php#L1368
- https://plugins.trac.wordpress.org/browser/stars-testimonials-with-slider-and-masonry-grid/trunk/plugin.class.php#L1368
- https://www.wordfence.com/threat-intel/vulnerabilities/id/68250b6c-22c8-494f-b0b0-62b80cc4de0c?source=cve
