CVE-2024-13495

7.3 HIGH

📋 TL;DR

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the GamiPress plugin's gamipress_ajax_get_logs() AJAX function. Attackers can potentially inject malicious code, create backdoors, or manipulate site content. All WordPress sites using GamiPress versions up to and including 7.2.1 are affected.

💻 Affected Systems

Products:
  • GamiPress – Gamification plugin for WordPress
Versions: All versions up to and including 7.2.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations with vulnerable GamiPress versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete site takeover via shortcode execution leading to remote code execution, data theft, or malware installation.

🟠 Likely Case: Unauthorized content injection, privilege escalation, or backdoor creation through malicious shortcode execution.

🟢 If Mitigated: Limited impact if proper input validation and shortcode filtering are implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending crafted AJAX requests to the vulnerable endpoint without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.2.2 or later

Vendor Advisory: https://wordpress.org/plugins/gamipress/#developers

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find GamiPress and click 'Update Now'.
4. Verify the version is 7.2.2 or higher.

🔧 Temporary Workarounds

Disable vulnerable AJAX endpoint (WordPress)

Remove or restrict access to the gamipress_ajax_get_logs() function by unhooking it from both AJAX actions. Add to the active theme's functions.php:

remove_action('wp_ajax_gamipress_get_logs', 'gamipress_ajax_get_logs');
remove_action('wp_ajax_nopriv_gamipress_get_logs', 'gamipress_ajax_get_logs');

The wp_ajax_nopriv_ hook is the one reachable without authentication; removing both also turns the feature off for logged-in users. The calls only take effect if they run after GamiPress has registered its hooks, which is why they belong in the active theme's functions.php (loaded after regular plugins). Switching themes silently drops the workaround, so treat it as a stopgap until the update is applied.

🧯 If You Can't Patch

  • Temporarily disable the GamiPress plugin entirely
  • Implement WAF rules to block requests to /wp-admin/admin-ajax.php with gamipress_get_logs action

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Installed Plugins → GamiPress version

Check Version:

wp plugin list --name=gamipress --field=version

Verify Fix Applied:

Confirm GamiPress version is 7.2.2 or higher in WordPress admin
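As an added example (not part of this advisory), a small Python check that reads the installed version via the WP-CLI command shown above and compares it numerically against 7.2.2. It assumes WP-CLI is on PATH; the wp_path argument is a hypothetical parameter passed through as WP-CLI's --path option. The point it demonstrates is that version strings must be compared as numbers, because a plain string comparison would rank a future 7.10.x release below 7.2.2 and misreport it as vulnerable.

```python
import re
import subprocess

# First release the advisory names as patched.
FIXED_VERSION = (7, 2, 2)


def parse_version(text):
    """Turn '7.2.1', '7.2' or '7.2.2-beta1' into a numeric (major, minor, patch).
    Missing parts count as 0; a pre-release suffix is ignored for the comparison."""
    m = re.match(r"\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) if p is not None else 0 for p in m.groups())


def assess(version_text):
    """Classify a GamiPress version string against FIXED_VERSION.
    Numeric comparison matters: as strings, '7.10.0' < '7.2.2' is True,
    which would flag a patched 7.10 line as vulnerable."""
    if not version_text.strip():
        return "not-installed"
    return "vulnerable" if parse_version(version_text) < FIXED_VERSION else "patched"


def installed_gamipress_version(wp_path="."):
    """Read the installed version with WP-CLI (assumed to be installed).
    Returns '' when the plugin is absent or WP-CLI cannot run."""
    cmd = ["wp", "plugin", "list", "--name=gamipress", "--field=version", f"--path={wp_path}"]
    try:
        out = subprocess.run(cmd, capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return ""
    return out.stdout.strip()


if __name__ == "__main__":
    version = installed_gamipress_version()
    print(f"GamiPress {version or '(none)'}: {assess(version)}")
```

Run it from the WordPress root (or pass the site path) on each host during a rollout; anything reported as "vulnerable" still needs the 7.2.2 update or the workaround above.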

📡 Detection & Monitoring

Log Indicators:

  • POST requests to /wp-admin/admin-ajax.php with action=gamipress_get_logs
  • Unusual shortcode execution in WordPress debug logs

Network Indicators:

  • HTTP POST requests to admin-ajax.php with gamipress_get_logs parameter from unexpected sources

SIEM Query:

source="wordpress.log" AND "admin-ajax.php" AND "gamipress_get_logs"
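As an added example (not part of this advisory), a Python scanner that applies the log indicators above to web-server log lines. The sample lines are constructed, not real traffic. The trailing body="..." field is an assumption: a stock combined-format access log records only the query string, so an action sent in a POST body is invisible to it, and the example assumes a WAF or a body-logging nginx format that appends the request body. The scanner checks the action in both the query string and the body (WordPress reads it from $_REQUEST, so either works), ignores the string appearing elsewhere in a URL, and counts hits per source address so repeated probing from one IP stands out.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines: combined log format plus an optional body="..."
# field that a WAF or body-logging nginx format would add. Not real traffic.
SAMPLE_LINES = [
    '203.0.113.10 - - [10/Jan/2025:12:00:01 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" '
    '200 512 "-" "curl/8.4.0" body="action=gamipress_get_logs"',
    '198.51.100.7 - - [10/Jan/2025:12:00:03 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" '
    '200 96 "https://example.test/wp-admin/" "Mozilla/5.0" body="_nonce=deadbeef&action=heartbeat"',
    '203.0.113.10 - - [10/Jan/2025:12:00:09 +0000] '
    '"GET /wp-admin/admin-ajax.php?action=gamipress_get_logs HTTP/1.1" 200 48 "-" "python-requests/2.32.0"',
    '192.0.2.44 - - [10/Jan/2025:12:01:15 +0000] "GET /index.php?p=gamipress_get_logs HTTP/1.1" '
    '200 9000 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [10/Jan/2025:12:01:40 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" '
    '500 0 "-" "curl/8.4.0" body="action=gamipress_get_logs"',
]

# Combined log format; the body="..." suffix is optional so plain access logs still parse.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
    r'(?: body="(?P<body>[^"]*)")?'
)

# The AJAX action named in the advisory's log indicators.
TARGET_ACTION = "gamipress_get_logs"


def extract_action(path, body):
    """Return the WordPress AJAX 'action' for a request to admin-ajax.php, or None.
    The action may arrive in the query string or the POST body; anything
    that is not admin-ajax.php is ignored so the action name appearing in
    some other URL does not produce a false positive."""
    parts = urlsplit(path)
    if not parts.path.endswith("/admin-ajax.php"):
        return None
    query = parse_qs(parts.query)
    if "action" in query:
        return query["action"][0]
    if body:
        fields = parse_qs(body)
        if "action" in fields:
            return fields["action"][0]
    return None


def scan(lines):
    """Return one finding per request whose AJAX action is TARGET_ACTION."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a production scanner would count these
        if extract_action(m["path"], m["body"]) == TARGET_ACTION:
            findings.append({
                "ip": m["ip"], "ts": m["ts"], "method": m["method"],
                "status": m["status"], "ua": m["ua"],
            })
    return findings


def per_source_counts(findings):
    """Hits per source IP, to surface repeated probing from one address."""
    counts = {}
    for f in findings:
        counts[f["ip"]] = counts.get(f["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    hits = scan(SAMPLE_LINES)
    for h in hits:
        print(f"{h['ts']} {h['ip']} {h['method']} status={h['status']} ua={h['ua']}")
    print("per source:", per_source_counts(hits))
```

On the sample input the scanner reports three requests, all from 203.0.113.10, and ignores both the heartbeat call and the unrelated /index.php URL that a plain grep for the action name would have matched. A hit is not proof of exploitation on a patched site, but on a site still running 7.2.1 or earlier, any unauthenticated request with this action is worth treating as an attempt.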
