CVE-2024-35637

4.4 MEDIUM

📋 TL;DR

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in the Church Admin WordPress plugin. It allows attackers to make the vulnerable server send unauthorized requests to internal or external systems. WordPress sites using Church Admin versions up to 4.3.6 are affected.

💻 Affected Systems

Products:
  • Church Admin WordPress Plugin
Versions: n/a through 4.3.6
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Church Admin plugin enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could access internal services, perform port scanning, or interact with cloud metadata services to gain further access.

🟠 Likely Case

Information disclosure from internal services, limited internal network reconnaissance, or abuse of the server as a proxy.

🟢 If Mitigated

Limited impact if network segmentation restricts internal access and external requests are filtered.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation likely requires some level of access to the WordPress site, but specific authentication requirements are not detailed in available references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.3.7 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-3-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Church Admin and click 'Update Now' if available.
4. Alternatively, download version 4.3.7+ from the WordPress repository and update manually.

🔧 Temporary Workarounds

Disable Church Admin Plugin (Platform: all)

Temporarily deactivate the vulnerable plugin until patched.

wp plugin deactivate church-admin

Network Restriction (Platform: all)

Use a web application firewall or network controls to block outbound requests from the web server to internal networks.

🧯 If You Can't Patch

  • Disable the Church Admin plugin entirely.
  • Implement strict network egress filtering from the web server to prevent internal requests.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for Church Admin version. If version is 4.3.6 or earlier, it's vulnerable.

Check Version:

wp plugin list --name=church-admin --field=version

Verify Fix Applied:

Confirm Church Admin plugin version is 4.3.7 or later in WordPress admin.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from web server logs to internal IPs or unexpected domains.
  • Requests to cloud metadata endpoints (e.g., 169.254.169.254) from web server.

Network Indicators:

  • Web server making unexpected outbound connections to internal services or external URLs with unusual patterns.

SIEM Query:

source="web_server_logs" AND (url CONTAINS "internal_ip" OR url CONTAINS "metadata")
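The log indicators above can be turned into a concrete check. The following is an added example, not part of this advisory or of the Church Admin plugin: it scans egress log lines (constructed here, in an assumed `<timestamp> <host> <method> <url>` format) and flags outbound requests from the web server to loopback, private, link-local or cloud metadata targets, which is the traffic pattern an SSRF would produce.

```python
import ipaddress
from urllib.parse import urlsplit

# Hostnames a WordPress front end has no business contacting directly:
# the AWS/Azure metadata IP literal and GCP's metadata DNS names.
METADATA_HOSTS = {"169.254.169.254", "metadata.google.internal", "metadata"}
LOCAL_HOSTS = {"localhost"}

def is_internal_target(url):
    """True if the URL points at a loopback, private, link-local or metadata host."""
    host = urlsplit(url).hostname  # strips port and IPv6 brackets
    if not host:
        return False
    host = host.lower()
    if host in METADATA_HOSTS or host in LOCAL_HOSTS:
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Hostname rather than an IP literal. No DNS lookup is done here (assumption:
        # offline check), so only obviously internal suffixes are flagged.
        return host.endswith(".internal") or host.endswith(".local")
    return ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved

def flag_ssrf_candidates(log_lines):
    """Return (timestamp, url) for every log line whose target is internal.

    Expected line shape (assumed): '<timestamp> <source-host> <method> <url>'.
    Malformed lines are skipped rather than raising.
    """
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) < 4:
            continue
        ts, _src, _method, url = parts[:4]
        if is_internal_target(url):
            hits.append((ts, url))
    return hits

# Constructed sample egress log for demonstration (not real traffic).
SAMPLE_LOG = [
    "2024-05-01T10:00:01Z web01 GET https://calendar.example.com/feed.ics",
    "2024-05-01T10:00:05Z web01 GET http://169.254.169.254/latest/meta-data/",
    "2024-05-01T10:00:09Z web01 GET http://10.0.0.5:8080/admin",
    "2024-05-01T10:00:12Z web01 GET http://localhost:6379/",
    "2024-05-01T10:00:15Z web01 GET http://metadata.google.internal/computeMetadata/v1/",
]

if __name__ == "__main__":
    for ts, url in flag_ssrf_candidates(SAMPLE_LOG):
        print(f"{ts} suspicious outbound request: {url}")
```

Because no DNS resolution is performed, an attacker-controlled public hostname that resolves to an internal address would not be caught by this check alone; pair it with egress filtering at the network layer.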
