CVE-2024-13588 – The Simplebooklet PDF Viewer WordPress plugin h... (How to Fix)

Q: What is the severity of CVE-2024-13588?

CVE-2024-13588 has a CVSS score of 6.4 (MEDIUM). The Simplebooklet PDF Viewer WordPress plugin has a stored XSS vulnerability that allows authenticated attackers with contributor-level access or higher to inject malicious scripts into website pages. These scripts execute whenever users view the compromised pages, potentially stealing credentials or performing unauthorized actions. All WordPress sites using Simplebooklet plugin versions 1.1.0 and earlier are affected.

📋 TL;DR

The Simplebooklet PDF Viewer WordPress plugin has a stored XSS vulnerability that allows authenticated attackers with contributor-level access or higher to inject malicious scripts into website pages. These scripts execute whenever users view the compromised pages, potentially stealing credentials or performing unauthorized actions. All WordPress sites using Simplebooklet plugin versions 1.1.0 and earlier are affected.

💻 Affected Systems

Products:

Simplebooklet PDF Viewer and Embedder WordPress Plugin

Versions: All versions up to and including 1.1.0

Operating Systems: Any OS running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: Requires WordPress installation with Simplebooklet plugin enabled and at least one user with contributor-level access.

📦 What is this software?

Simplebooklet by Simplebooklet

View all CVEs affecting Simplebooklet →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal administrator credentials, take over the WordPress site, install backdoors, deface the website, or redirect visitors to malicious sites.

🟠

Likely Case

Attackers with contributor access inject malicious scripts to steal user session cookies, perform actions as other users, or display phishing content to visitors.

🟢

If Mitigated

With proper user role management and input validation, the risk is limited to trusted contributors who could still cause damage but would be traceable.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated access (contributor role or higher). The vulnerability is in the 'simplebooklet' shortcode attribute handling.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.1.1 or later

Vendor Advisory: https://wordpress.org/plugins/simplebooklet/

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Go to Plugins → Installed Plugins. 3. Find Simplebooklet PDF Viewer. 4. Click 'Update Now' if update available. 5. If no update appears, manually download version 1.1.1+ from WordPress.org and replace plugin files.

🔧 Temporary Workarounds

Disable Simplebooklet Plugin

all

Temporarily disable the vulnerable plugin until patched

wp plugin deactivate simplebooklet

Restrict User Roles

all

Remove contributor access from untrusted users

wp user list --role=contributor
wp user set-role <username> subscriber

🧯 If You Can't Patch

Implement web application firewall (WAF) rules to block XSS payloads in shortcode attributes
Audit all posts/pages for suspicious 'simplebooklet' shortcode usage and remove unauthorized content

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Simplebooklet PDF Viewer version. If version is 1.1.0 or earlier, you are vulnerable.

Check Version:

wp plugin get simplebooklet --field=version

Verify Fix Applied:

After updating, verify plugin version shows 1.1.1 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

Unusual post/page edits by contributor users
Multiple failed login attempts followed by successful contributor login
Posts containing suspicious 'simplebooklet' shortcode attributes

Network Indicators:

Outbound connections to suspicious domains from your WordPress site
Unexpected JavaScript loading from your domain

SIEM Query:

source="wordpress" AND (event="post_modified" OR event="plugin_updated") AND plugin="simplebooklet"

📊 Metadata

CVE ID: CVE-2024-13588

CVSS v3 Score: 6.4 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE: CWE-79

EPSS Score: 0.09% exploit probability (25.3th percentile)

Published: February 18, 2025

Last Updated: February 21, 2025

🔗 References

https://plugins.trac.wordpress.org/browser/simplebooklet/trunk/simplebooklet.php Product
https://wordpress.org/plugins/simplebooklet/ Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/59d9ff2e-4b0b-4096-91ca-1a029f31796b?source=cve Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-13588, you might also want to check these: