CVE-2024-13924

5.3 MEDIUM

📋 TL;DR

The Starter Templates by FancyWP WordPress plugin has a blind SSRF vulnerability that allows unauthenticated attackers to make arbitrary HTTP requests from the web server. This can be used to probe internal networks, access internal services, or interact with cloud metadata APIs. All WordPress sites using this plugin up to version 2.0.0 are affected.

💻 Affected Systems

Products:
  • Starter Templates by FancyWP WordPress plugin
Versions: All versions up to and including 2.0.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with the vulnerable plugin active.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could access sensitive internal services, retrieve cloud metadata credentials, or pivot to attack other internal systems from the compromised web server.

🟠 Likely Case

Attackers scan internal networks, access internal APIs, or interact with services that shouldn't be exposed externally.

🟢 If Mitigated

With proper network segmentation and egress filtering in place, impact is limited to port scanning of internal networks.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SSRF vulnerabilities are commonly exploited and tooling exists for automated exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.1 or later

Vendor Advisory: https://plugins.trac.wordpress.org/browser/starter-templates/trunk/classess/class-export.php#L3

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Go to Plugins → Installed Plugins.
3. Find 'Starter Templates by FancyWP'.
4. Click 'Update Now' if available.
5. If no update appears, manually download version 2.0.1+ from WordPress.org and replace the plugin files.

🔧 Temporary Workarounds

Disable vulnerable plugin (platform: all)

Temporarily deactivate the Starter Templates plugin until patched:

wp plugin deactivate starter-templates

Restrict outbound web requests (platform: linux)

Configure a host or network firewall to block outbound HTTP requests originating from the web application.

🧯 If You Can't Patch

  • Implement network segmentation to isolate web servers from internal services
  • Deploy web application firewall with SSRF protection rules

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Starter Templates by FancyWP version. If version is 2.0.0 or lower, you are vulnerable.

Check Version:

wp plugin get starter-templates --field=version

Verify Fix Applied:

Verify plugin version is 2.0.1 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from web server to internal IPs
  • Requests to cloud metadata endpoints (169.254.169.254, etc.)

Network Indicators:

  • Web server making unexpected outbound HTTP requests
  • Requests to internal network ranges from web application

SIEM Query:

source="web_server_logs" dest_ip IN (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.169.254) AND http_method="GET"
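The log and network indicators above can be checked outside a SIEM as well. The following is an added example, not part of this advisory: a small Python script that parses outbound-request log lines from the web server and flags destinations in the private ranges and the metadata endpoint listed above. The log format, the hostnames, and the static resolver table are constructed so the script runs offline; in production the hostname would be resolved at check time. Unlike the SIEM query, it does not restrict itself to GET requests, since a blind SSRF may issue other methods too.

```python
"""Flag outbound HTTP requests from a web server that target internal ranges
or the cloud metadata endpoint (the log indicators in this advisory).
Added example; the log format and hostnames below are constructed."""
import ipaddress
import re
from urllib.parse import urlsplit

# Destinations named in the advisory's detection section; loopback is an
# added assumption (SSRF to 127.0.0.1 is the same class of finding).
WATCHED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.169.254/32",  # cloud metadata endpoint
    "127.0.0.0/8",         # assumption: loopback
)]

# Constructed resolver table standing in for DNS so the example runs offline.
STATIC_RESOLVER = {
    "metadata.internal.example": "169.254.169.254",
    "intranet.example": "10.1.2.3",
    "www.example.org": "93.184.216.34",
}

# Constructed line format: "<iso-time> <unix-user> <method> <url> <status>"
LOG_RE = re.compile(r"^(\S+) (\S+) ([A-Z]+) (\S+) (\d{3})$")

# Constructed sample log: two internal targets by IP, one by hostname.
SAMPLE_LOG = """\
2024-03-01T12:00:01Z www-data GET http://www.example.org/feed.xml 200
2024-03-01T12:00:02Z www-data GET http://169.254.169.254/latest/meta-data/ 200
2024-03-01T12:00:03Z www-data GET http://10.0.5.20:8080/admin 401
2024-03-01T12:00:04Z www-data GET http://intranet.example/ 200
2024-03-01T12:00:05Z www-data POST https://api.example.org/v1 204
"""


def classify_host(host, resolver=STATIC_RESOLVER):
    """Return the watched network (as a string) the host lands in, or None.

    Accepts an IP literal or a hostname; hostnames are looked up in the
    resolver table so that names pointing at internal space are caught too.
    """
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        ip = resolver.get(host.lower())
        if ip is None:
            return None
        addr = ipaddress.ip_address(ip)
    for net in WATCHED_NETWORKS:
        if addr in net:
            return str(net)
    return None


def flag_ssrf_candidates(lines, resolver=STATIC_RESOLVER):
    """Return (timestamp, user, method, url, matched_network) tuples for
    every parsable log line whose destination falls in a watched range."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # not in the expected format; skip rather than guess
        ts, user, method, url, _status = m.groups()
        host = urlsplit(url).hostname  # strips scheme, port, path, userinfo
        if not host:
            continue
        net = classify_host(host, resolver)
        if net:
            hits.append((ts, user, method, url, net))
    return hits


if __name__ == "__main__":
    for hit in flag_ssrf_candidates(SAMPLE_LOG.splitlines()):
        print("SSRF candidate:", *hit)
```

Run against the constructed sample, the script reports the metadata request, the request to 10.0.5.20, and the request to intranet.example (which resolves into 10.0.0.0/8), and ignores the two public destinations. Feed it real egress or proxy logs by adjusting LOG_RE to the local format and replacing the static resolver with a real lookup.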
