CVE-2024-12679

4.8 MEDIUM

📋 TL;DR

The Prisna GWT WordPress plugin before version 1.4.14 contains a stored cross-site scripting (XSS) vulnerability in its settings: setting values are neither sanitised when saved nor escaped when rendered. An authenticated administrator can store a script payload that executes in the browser of any user who later views the affected page. The bug matters most where the unfiltered_html capability is withheld from administrators (WordPress multisite, or sites defining DISALLOW_UNFILTERED_HTML), because that is exactly the case in which an admin is not supposed to be able to store raw HTML. Only sites running a vulnerable version of this specific plugin are affected.

💻 Affected Systems

Products:
  • Prisna GWT WordPress Plugin
Versions: All versions before 1.4.14
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Prisna GWT plugin. Vulnerability requires admin-level access to exploit.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An administrator who is denied unfiltered_html (for example a site admin inside a multisite network) stores a payload that runs in the browser of a super admin or another privileged user who opens the settings page. Because the script executes with that user's session and nonces, it can issue authenticated requests on their behalf: steal session cookies, redirect users to phishing pages, create users, or change settings, escalating a single-site admin account into a network-wide compromise.

🟠

Likely Case

A malicious or compromised admin account stores a JavaScript payload that executes when other privileged users view the plugin settings, giving the attacker actions in those users' sessions: privilege escalation within the site or network, or theft of data visible to them.

🟢

If Mitigated

With proper user access controls and regular admin auditing, impact is limited to potential data leakage from users who view the malicious settings page.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin privileges. Attack is straightforward once authenticated as admin.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.4.14

Vendor Advisory: https://wpscan.com/vulnerability/7ca1438f-4269-4e34-be4a-766276a9f016/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the Prisna GWT plugin.
4. Click 'Update Now' if an update is available.
5. If no update appears, manually download version 1.4.14 or later from WordPress.org and replace the plugin files.

🔧 Temporary Workarounds

Remove vulnerable plugin (platform: all)

Temporarily deactivate and remove the Prisna GWT plugin until the patched version can be installed.

Restrict admin access (platform: all)

Implement strict access controls and monitoring for admin accounts.

🧯 If You Can't Patch

  • Remove the Prisna GWT plugin entirely if functionality is not critical
  • Implement strict admin account monitoring and limit number of admin users

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for Prisna GWT version. If version is below 1.4.14, system is vulnerable.

Check Version:

wp plugin list --name=prisna-gwt --field=version

Verify Fix Applied:

After update, verify Prisna GWT plugin shows version 1.4.14 or higher in WordPress plugins list.
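A scripted form of the version check above, added here as an example rather than taken from the advisory or the plugin's own tooling. It assumes the plugin slug prisna-gwt (as in the WP-CLI command above) and that WP-CLI is on PATH for check_site; the version comparison is numeric so that 1.4.9 sorts before 1.4.14, which a plain string comparison gets wrong.

```shell
#!/bin/sh
# Added example for CVE-2024-12679: decide whether an installed Prisna GWT
# version is below the fixed release. Not from the advisory or the plugin.
# Assumptions: plugin slug is prisna-gwt; WP-CLI (`wp`) is available for check_site.

FIXED_VERSION="1.4.14"

# vnum X.Y.Z -> single integer (X*1000000 + Y*1000 + Z) so that 1.4.9 < 1.4.14.
# Missing components count as 0; a suffix such as "14-beta" is read as 14 by awk.
vnum() {
    printf '%s\n' "$1" | awk -F. '{ printf "%d\n", $1 * 1000000 + $2 * 1000 + $3 }'
}

# version_lt A B: succeeds when A is strictly lower than B.
version_lt() {
    [ "$(vnum "$1")" -lt "$(vnum "$2")" ]
}

# prisna_gwt_status VERSION: prints vulnerable | patched | not-installed.
# Exit status 0 only for "vulnerable", so callers can use it in a condition.
prisna_gwt_status() {
    if [ -z "$1" ]; then
        echo "not-installed"
        return 2
    fi
    if version_lt "$1" "$FIXED_VERSION"; then
        echo "vulnerable"
        return 0
    fi
    echo "patched"
    return 1
}

# check_site WP_PATH: asks WP-CLI for the installed version at that install
# and classifies it. An empty answer (plugin absent, or wp missing) reports
# not-installed rather than aborting the loop.
check_site() {
    v="$(wp plugin list --path="$1" --name=prisna-gwt --field=version 2>/dev/null || true)"
    prisna_gwt_status "$v"
}

# Usage (one site, then a fleet listed one path per line in sites.txt):
#   check_site /var/www/example.com
#   while read -r p; do printf '%s: ' "$p"; check_site "$p"; done < sites.txt
```

Run it from an account that can execute WP-CLI against each install; a "patched" result still assumes the files on disk match the version the plugin header reports.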

📡 Detection & Monitoring

Log Indicators:

  • Admin activity that modifies the plugin's settings outside normal change windows, or from an account that does not usually touch this plugin
  • A burst of failed logins followed by a successful admin login, then a settings change (a taken-over admin account being used to store the payload)

Network Indicators:

  • Script markup (<script, onerror=, javascript:) in the body of POST requests that save the plugin's settings (wp-admin/options.php, wp-admin/admin-ajax.php or the plugin's own settings page). Plain access logs do not record request bodies, so this requires a WAF or reverse proxy that logs them.

SIEM Query:

source="wordpress" AND (event_type="plugin_modified" OR event_type="settings_updated") AND plugin_name="prisna-gwt"

The field names are illustrative. WordPress core emits no such events; they come from an audit-log plugin or a WAF feeding the SIEM, so map event_type and plugin_name to the schema you actually ingest.
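The indicators above only show that a setting was changed. To see whether a payload is already stored, inspect the option values themselves. The following is an added example, not detection logic from the advisory or the plugin: it scans tab-separated name/value pairs for markup typical of a stored XSS payload. The option names beginning with prisna_gwt_ are assumed for illustration (the plugin's real option names are not given on this page), the sample rows are constructed, and the live input command assumes the default wp_ table prefix.

```shell
#!/bin/sh
# Added example for CVE-2024-12679: scan stored WordPress option values for
# markup typical of a stored XSS payload. Not from the advisory or the plugin.
# Input: "option_name<TAB>option_value" lines on stdin, one option per line
# (the format `wp db query ... --skip-column-names` produces). Option names
# below are assumed; the plugin's real option names are not given on the page.

# Markers: a script tag, a javascript: URL, an inline event handler attribute
# (on...= preceded by whitespace or a quote, so "translation=" is not hit),
# and element names commonly abused to carry event handlers.
XSS_PATTERN="<[[:space:]]*script|javascript:|[[:space:]\"']on[a-z]+[[:space:]]*=|<[[:space:]]*(iframe|svg|img|object|embed)"

# scan_options: prints the names of options whose value matches XSS_PATTERN.
# grep -i because tag and attribute names are case-insensitive in HTML.
scan_options() {
    grep -Ei "$XSS_PATTERN" | cut -f1
}

# count_hits: number of flagged options (0 when nothing suspicious is stored).
count_hits() {
    scan_options | grep -c .
}

# sample_options: constructed rows standing in for the live table.
# Two are payloads; the others are benign values that a naive grep for
# "on...=" or "<" would flag.
sample_options() {
    printf 'prisna_gwt_title\t%s\n'  'Translate this site'
    printf 'prisna_gwt_html\t%s\n'   '<img src=x onerror=alert(document.cookie)>'
    printf 'prisna_gwt_link\t%s\n'   '<a href="javascript:void(0)">x</a>'
    printf 'prisna_gwt_note\t%s\n'   'Questions? Mail the translation=team alias'
    printf 'prisna_gwt_color\t%s\n'  '#336699'
    printf 'prisna_gwt_markup\t%s\n' '<b>Welcome</b> &lt;script&gt; is shown literally'
}

# Usage against a live site (assumed table prefix wp_; mysql batch output is
# tab-separated, which is what scan_options expects):
#   wp db query "SELECT option_name, option_value FROM wp_options \
#       WHERE option_name LIKE 'prisna%'" --skip-column-names | scan_options
```

Treat a hit as a lead, not a verdict: the pattern is deliberately loose, so review each flagged value by hand, and on a multisite network repeat the query for every site's options table (wp_N_options).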
