CVE-2024-1533

6.4 MEDIUM

📋 TL;DR

This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious JavaScript into website pages (a stored cross-site scripting flaw) via the Phlox theme's Auxin Elements (Shortcodes) plugin. The injected scripts execute whenever visitors view the compromised pages, enabling session hijacking, defacement, or malware distribution. Sites running WordPress with Elementor, the Phlox theme and the Auxin Elements plugin are affected.

💻 Affected Systems

Products:
  • WordPress with Phlox theme Auxin Elements plugin
Versions: All versions up to and including 2.15.5
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires both Elementor plugin and Phlox theme to be installed and active. Contributor-level access or higher is needed to exploit.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal administrator credentials, redirect users to malicious sites, install backdoors, or completely compromise the WordPress site and potentially the server.

🟠 Likely Case

Attackers with contributor access inject malicious scripts to steal user session cookies, display unwanted content, or redirect visitors to phishing pages.

🟢 If Mitigated

With proper user role management and content review processes, the impact is limited to potential defacement of individual pages.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is technically simple once an attacker has contributor privileges.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.15.6 or later

Vendor Advisory: https://wordpress.org/plugins/auxin-elements/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Go to Plugins → Installed Plugins.
3. Find 'Auxin Elements for Phlox Theme'.
4. Click 'Update Now' if available, or download the latest version from the WordPress plugin repository.
5. Activate the updated plugin.

🔧 Temporary Workarounds

Remove Contributor Access (applies to: all)

Temporarily remove contributor-level access for untrusted users until patching is complete.

Disable Plugin (applies to: all)

Deactivate the Auxin Elements plugin if its functionality is not critical.

🧯 If You Can't Patch

  • Implement strict user role management and review all contributor content before publishing
  • Install a WordPress security plugin with XSS protection, such as Wordfence or Sucuri

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Auxin Elements for Phlox Theme → Version. If the version is 2.15.5 or lower, and the Elementor plugin and Phlox theme are also active (both are required for the vulnerability), the site is vulnerable.

Check Version:

wp plugin list --name='auxin-elements' --field=version

Verify Fix Applied:

After updating, verify plugin version shows 2.15.6 or higher in WordPress admin panel.
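The version check above, as an added shell example that is not part of this advisory: it compares an installed Auxin Elements version against the first fixed release (2.15.6) component by component, so it also handles short versions such as 2.15 and pre-release suffixes such as 2.15.5-RC1. The live lookup assumes WP-CLI (`wp`) is on PATH and the script is run from the site root; the script name in the comment is arbitrary.

```shell
#!/bin/sh
# Added example, not from the advisory: flag an Auxin Elements install as
# affected by CVE-2024-1533 when its version is below the first fixed release.

FIXED_VERSION="2.15.6"   # first patched release named in the advisory

# version_lt A B: exit 0 if dot-separated version A is lower than B, else 1.
# Pre-release suffixes ("2.15.5-RC1") are dropped before comparing, and a
# missing component counts as 0, so "2.15" compares equal to "2.15.0".
version_lt() {
    v1="${1%%-*}"; v2="${2%%-*}"
    while [ -n "$v1" ] || [ -n "$v2" ]; do
        c1="${v1%%.*}"; c2="${v2%%.*}"      # leading component of each
        c1="${c1:-0}";  c2="${c2:-0}"
        [ "$c1" -lt "$c2" ] && return 0
        [ "$c1" -gt "$c2" ] && return 1
        case "$v1" in *.*) v1="${v1#*.}" ;; *) v1="" ;; esac   # drop it
        case "$v2" in *.*) v2="${v2#*.}" ;; *) v2="" ;; esac
    done
    return 1                                 # versions are equal
}

# auxin_status VERSION: print "vulnerable" (exit 0) or "patched" (exit 1).
auxin_status() {
    if version_lt "$1" "$FIXED_VERSION"; then
        echo "vulnerable"; return 0
    fi
    echo "patched"; return 1
}

# check_live_site: query the running install with WP-CLI (assumed on PATH,
# run from the WordPress root) and report its status. Exit 2 if not installed.
check_live_site() {
    v=$(wp plugin list --name='auxin-elements' --field=version 2>/dev/null)
    if [ -z "$v" ]; then
        echo "auxin-elements: not installed"; return 2
    fi
    echo "auxin-elements $v: $(auxin_status "$v")"
}

# Run the live check only when asked, e.g. "sh check_auxin.sh --live".
if [ "${1:-}" = "--live" ]; then
    check_live_site
fi
```

Without `--live` the script only defines the functions, so it can be sourced into a fleet-wide inventory script that already has the version strings.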

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTML/JavaScript in post/page content from contributor users
  • Multiple page edits by same user in short timeframe

Network Indicators:

  • External JavaScript loading from unexpected domains in page responses

SIEM Query:

source="wordpress" AND ((event="post_modified" AND user_role="contributor") OR (event="plugin_updated" AND plugin_name="auxin-elements"))

Field names are illustrative and should be mapped to your WordPress audit-log schema; the plugin_name filter applies only to plugin events, while the post_modified branch surfaces the contributor-authored content edits listed under Log Indicators.
