CVE-2024-12295
📋 TL;DR
The BoomBox Theme Extensions WordPress plugin allows authenticated attackers with subscriber-level access or higher to reset passwords of any user, including administrators, leading to account takeover. This affects all WordPress sites using the plugin up to version 1.8.0. Attackers can escalate privileges to gain full administrative control.
💻 Affected Systems
- BoomBox Theme Extensions WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete site compromise where attackers gain administrative access, install backdoors, steal data, deface the site, or use it for further attacks.
Likely Case
Administrative account takeover leading to content manipulation, plugin or theme installation, or data exfiltration.
If Mitigated
Limited impact if strong network segmentation, monitoring, and least privilege principles are enforced.
🎯 Exploit Status
Requires authenticated access (subscriber or higher). Attackers need to identify user IDs and craft AJAX requests to the vulnerable function.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 1.8.0
Vendor Advisory: https://themeforest.net/item/boombox-viral-buzz-wordpress-theme/16596434
Restart Required: No
Instructions:
1. Log into WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'BoomBox Theme Extensions'.
4. Click 'Update Now' if available.
5. If no update appears, deactivate and delete the plugin immediately.
🔧 Temporary Workarounds
Disable vulnerable plugin
WordPress: Temporarily deactivate the BoomBox Theme Extensions plugin to prevent exploitation.
wp plugin deactivate boombox-theme-extensions
🧯 If You Can't Patch
- Remove all non-essential user accounts, especially those with subscriber or higher privileges.
- Implement web application firewall (WAF) rules to block requests to '/wp-admin/admin-ajax.php' whose 'action' parameter is 'boombox_ajax_reset_password'.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Installed Plugins for 'BoomBox Theme Extensions' version 1.8.0 or lower.
Check Version:
wp plugin get boombox-theme-extensions --field=version
Verify Fix Applied:
Confirm plugin version is higher than 1.8.0 in WordPress admin panel or via 'wp plugin list' command.
📡 Detection & Monitoring
Log Indicators:
- Unusual password reset requests in WordPress logs
- Multiple failed login attempts followed by successful login from new IP
- AJAX requests to '/wp-admin/admin-ajax.php' with action 'boombox_ajax_reset_password'
Network Indicators:
- POST requests to admin-ajax.php with reset_password parameters
- Unusual traffic patterns from authenticated user accounts
SIEM Query:
source="wordpress.log" AND "boombox_ajax_reset_password"
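The log indicators above can be turned into a small offline check. The following is an added example, not part of the original advisory, that parses web-server access log lines in the common "combined" format, flags requests to admin-ajax.php carrying the 'boombox_ajax_reset_password' action, counts them per source IP, and correlates them with a later successful-looking login (POST to wp-login.php answered with 302) from the same address. The log lines are constructed for illustration; the regex, the helper names, and the assumption that the action parameter is visible in the query string are mine. In a stock WordPress AJAX call the action is usually in the POST body, which a plain access log does not record, so feed this the request logs of a WAF or reverse proxy that captures body parameters if you need full coverage.

```python
import re
from collections import Counter
from datetime import datetime
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines (not from any real site). Two reset-action hits from
# one address, one benign heartbeat call, and a redirecting login POST from the
# same address that issued the reset requests.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jan/2025:10:01:02 +0000] "POST /wp-admin/admin-ajax.php?action=boombox_ajax_reset_password HTTP/1.1" 200 45 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jan/2025:10:01:05 +0000] "POST /wp-admin/admin-ajax.php?action=boombox_ajax_reset_password HTTP/1.1" 200 45 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Jan/2025:10:02:11 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 120 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Jan/2025:10:02:20 +0000] "GET /wp-login.php HTTP/1.1" 200 3000 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jan/2025:10:01:30 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# The AJAX action named in the advisory's log indicators.
SUSPECT_ACTION = "boombox_ajax_reset_password"

# Minimal "combined" access-log pattern: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Return a dict for one log line, or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["query"] = parse_qs(parts.query)
    rec["when"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def is_suspect(rec):
    """True when the request targets admin-ajax.php with the suspect action."""
    return (rec["path"].endswith("/wp-admin/admin-ajax.php")
            and SUSPECT_ACTION in rec["query"].get("action", []))


def find_reset_attempts(log_text):
    """All parsed records that carry the suspect AJAX action."""
    records = (parse_line(line) for line in log_text.splitlines())
    return [r for r in records if r and is_suspect(r)]


def summarize_by_ip(hits):
    """Count suspect requests per source IP (a burst from one IP is the usual tell)."""
    return dict(Counter(h["ip"] for h in hits))


def correlate_followup_logins(log_text):
    """IPs that hit the suspect action and, at or after that time, POSTed to
    wp-login.php and received a 302 (WordPress redirects on successful login)."""
    records = [r for r in map(parse_line, log_text.splitlines()) if r]
    first_reset = {}
    for r in records:
        if is_suspect(r):
            first_reset.setdefault(r["ip"], r["when"])
    flagged = set()
    for r in records:
        t0 = first_reset.get(r["ip"])
        if (t0 is not None and r["when"] >= t0 and r["method"] == "POST"
                and r["path"].endswith("/wp-login.php") and r["status"] == "302"):
            flagged.add(r["ip"])
    return flagged


if __name__ == "__main__":
    hits = find_reset_attempts(SAMPLE_LOG)
    print("suspect requests per IP:", summarize_by_ip(hits))
    print("IPs with a follow-up login:", sorted(correlate_followup_logins(SAMPLE_LOG)))
```

Any non-zero count from `summarize_by_ip` on a site still running the plugin at 1.8.0 or lower deserves a look, and an address that also appears in `correlate_followup_logins` should be treated as a probable account takeover: rotate that user's credentials and sessions and review what the account did afterwards.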