CVE-2024-12043 – This stored XSS vulnerability in the Prime Slid... (How to Fix)

Q: What is the severity of CVE-2024-12043?

CVE-2024-12043 has a CVSS score of 6.4 (MEDIUM). This stored XSS vulnerability in the Prime Slider WordPress plugin allows authenticated attackers with Contributor access or higher to inject malicious scripts into website pages. The scripts execute whenever users visit compromised pages, potentially stealing credentials or performing unauthorized actions. All WordPress sites using vulnerable plugin versions are affected.

📋 TL;DR

This stored XSS vulnerability in the Prime Slider WordPress plugin allows authenticated attackers with Contributor access or higher to inject malicious scripts into website pages. The scripts execute whenever users visit compromised pages, potentially stealing credentials or performing unauthorized actions. All WordPress sites using vulnerable plugin versions are affected.

💻 Affected Systems

Products:

Prime Slider – Addons For Elementor (WordPress plugin)

Versions: All versions up to and including 3.16.5

Operating Systems: Any OS running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: Requires WordPress installation with vulnerable plugin and at least one user with Contributor role or higher.

📦 What is this software?

Prime Slider by Bdthemes

View all CVEs affecting Prime Slider →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal administrator credentials, deface websites, redirect users to malicious sites, or install backdoors for persistent access.

🟠

Likely Case

Attackers with contributor accounts inject malicious scripts to steal user session cookies or credentials, potentially compromising user accounts.

🟢

If Mitigated

With proper input validation and output escaping, no script injection would occur, limiting impact to data integrity issues.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated access but is straightforward once an attacker has Contributor-level credentials.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.16.6 or later

Vendor Advisory: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3222179%40bdthemes-prime-slider-lite&new=3222179%40bdthemes-prime-slider-lite&sfp_email=&sfph_mail=

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Prime Slider – Addons For Elementor'. 4. Click 'Update Now' if available, or download version 3.16.6+ from WordPress repository. 5. Activate updated plugin.

🔧 Temporary Workarounds

Disable vulnerable widget

all

Remove or disable the 'blog' widget from Elementor to prevent exploitation via social_link_title parameter.

Restrict user roles

all

Temporarily remove Contributor role access or implement stricter role-based access controls.

🧯 If You Can't Patch

Implement web application firewall (WAF) rules to block XSS payloads targeting social_link_title parameter
Disable the Prime Slider plugin entirely until patching is possible

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Installed Plugins → Prime Slider version. If version is 3.16.5 or lower, system is vulnerable.

Check Version:

wp plugin list --name='bdthemes-prime-slider-lite' --field=version

Verify Fix Applied:

Verify plugin version is 3.16.6 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to wp-admin/admin-ajax.php with social_link_title parameter containing script tags
Multiple failed login attempts followed by successful Contributor-level login

Network Indicators:

Outbound connections to suspicious domains from WordPress site
Unexpected JavaScript execution in blog widget pages

SIEM Query:

source="wordpress.log" AND ("social_link_title" AND ("<script" OR "javascript:" OR "onerror="))

📊 Metadata

CVE ID: CVE-2024-12043

CVSS v3 Score: 6.4 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE: CWE-79

EPSS Score: 0.06% exploit probability (17.3th percentile)

Published: January 23, 2025

Last Updated: February 5, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-12043, you might also want to check these: