CVE-2024-12279

6.1 MEDIUM

📋 TL;DR

The WP Social AutoConnect WordPress plugin has a Cross-Site Request Forgery vulnerability that allows attackers to inject malicious scripts by tricking administrators into clicking malicious links. This affects all WordPress sites using the plugin up to version 4.6.2. Attackers can execute arbitrary JavaScript in the context of the administrator's session.

💻 Affected Systems

Products:
  • WP Social AutoConnect WordPress Plugin
Versions: All versions up to and including 4.6.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with the vulnerable plugin activated. Attack requires administrator interaction.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete site takeover through admin session hijacking, malware injection, or data theft if attacker successfully tricks administrator into executing malicious request.

🟠

Likely Case

Malicious script injection leading to defacement, credential theft, or backdoor installation on vulnerable WordPress sites.

🟢

If Mitigated

Limited impact if the plugin's admin actions are protected by nonces (CSRF tokens), a security plugin blocks forged requests, or administrators avoid clicking suspicious links.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires social engineering to trick administrator into clicking malicious link. No authentication required for the CSRF attack itself.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.6.3

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3211577/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find WP Social AutoConnect.
4. Click 'Update Now' if available.
5. Alternatively, download version 4.6.3+ from the WordPress repository and replace the plugin files.

🔧 Temporary Workarounds

Disable Plugin

all

Temporarily disable the vulnerable plugin until patched

wp plugin deactivate wp-fb-autoconnect

Add CSRF Protection

all

Implement custom nonce validation in plugin files
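As an added illustration of the pattern this workaround refers to (example code, not WP Social AutoConnect's own), a hypothetical admin settings handler that accepts any POST from an admin session, beside the same handler hardened with WordPress's capability and nonce APIs. The option name, form field names and `example_save_settings` action are assumptions.

```php
<?php
// Added example; not code from the plugin. Option/action/field names are hypothetical.

// BEFORE: a settings handler that trusts any POST arriving in an admin session.
// A form on an attacker-controlled page submitted by a logged-in admin is accepted,
// and the unescaped value later rendered on the settings page becomes stored XSS.
function example_save_settings_vulnerable() {
    if ( isset( $_POST['example_app_id'] ) ) {
        update_option( 'example_app_id', $_POST['example_app_id'] );
    }
}

// AFTER: the form embeds a nonce, and the handler checks capability, nonce and input.
function example_render_settings_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_save_settings">
        <?php wp_nonce_field( 'example_save_settings', 'example_nonce' ); ?>
        <label>App ID
            <input type="text" name="example_app_id"
                   value="<?php echo esc_attr( get_option( 'example_app_id', '' ) ); ?>">
        </label>
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}

function example_save_settings_hardened() {
    // 1. Only users allowed to manage options may change plugin settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }
    // 2. The request must carry a nonce bound to this action and this user's session;
    //    a cross-site form cannot obtain it, so a forged request dies here.
    check_admin_referer( 'example_save_settings', 'example_nonce' );
    // 3. Sanitise on input and escape on output (see esc_attr above) so a stored
    //    value cannot carry script into the admin page.
    $app_id = isset( $_POST['example_app_id'] )
        ? sanitize_text_field( wp_unslash( $_POST['example_app_id'] ) )
        : '';
    update_option( 'example_app_id', $app_id );
    wp_safe_redirect( admin_url( 'options-general.php?page=example&updated=1' ) );
    exit;
}
add_action( 'admin_post_example_save_settings', 'example_save_settings_hardened' );
```

`check_admin_referer()` also validates the HTTP referrer on admin requests and terminates the request with an error page when the nonce is missing or expired, which is the "failed CSRF token validation" a log-based detection would look for.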

🧯 If You Can't Patch

  • Implement web application firewall with CSRF protection rules
  • Restrict administrator access to trusted networks only

🔍 How to Verify

Check if Vulnerable:

Check plugin version in WordPress admin panel under Plugins > Installed Plugins. Look for WP Social AutoConnect version 4.6.2 or lower.

Check Version:

wp plugin get wp-fb-autoconnect --field=version

Verify Fix Applied:

Verify plugin version is 4.6.3 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to wp-admin/admin-ajax.php with plugin-specific actions
  • Multiple failed CSRF token validations

Network Indicators:

  • Suspicious referrer headers in admin requests
  • Unexpected cross-origin requests to plugin endpoints

SIEM Query:

source="wordpress.log" AND "wp-fb-autoconnect" AND ("admin-ajax" OR "nonce")
