CVE-2024-3597

7.1 HIGH

📋 TL;DR

The Export WP Page to Static HTML/CSS WordPress plugin contains an open redirect vulnerability: the destination passed in the rc_exported_zip_file request parameter is not validated against the site's own host, so an unauthenticated attacker can craft a link on the vulnerable site that sends whoever clicks it to an arbitrary external URL. All versions up to and including 2.2.2 are affected. Exploitation needs no login on the attacker's side, only a victim who follows the crafted link.

💻 Affected Systems

Products:
  • Export WP Page to Static HTML/CSS WordPress plugin
Versions: All versions up to and including 2.2.2
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects WordPress sites with this specific plugin installed and activated.

📦 What is this software?

A WordPress plugin that exports individual pages or posts as static HTML/CSS files, packaged as a ZIP archive, so the content can be served without a running WordPress install. The affected code lives in the plugin's admin class (linked under Official Fix).

⚠️ Risk & Real-World Impact

🔴

Worst Case

Users could be redirected to phishing sites that steal credentials or deliver malware, leading to account compromise or system infection.

🟠

Likely Case

Attackers redirect users to phishing pages to harvest login credentials or display malicious ads.

🟢

If Mitigated

With proper user awareness training and web application firewalls, the impact is limited to failed phishing attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: No (none referenced on this page)
Weaponized: LIKELY (assessment based on the low complexity; no in-the-wild exploitation is referenced here)
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking a link) but is technically simple to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.2.3 or later

Vendor Reference (patched source, plugin admin class): https://plugins.trac.wordpress.org/browser/export-wp-page-to-static-html/trunk/admin/class-export-wp-page-to-static-html-admin.php#L1289

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Go to Plugins → Installed Plugins.
3. Find 'Export WP Page to Static HTML/CSS'.
4. Click 'Update Now' if available, or manually update to version 2.2.3 or later.
5. Verify the plugin is active and functioning.

🔧 Temporary Workarounds

Disable the vulnerable plugin

Platform: all

Temporarily deactivate the Export WP Page to Static HTML/CSS plugin until it is updated.

wp plugin deactivate export-wp-page-to-static-html

Web Application Firewall rule

Platform: all

Block requests whose rc_exported_zip_file parameter, after URL-decoding, carries an absolute URL (http://, https:// or any other scheme), a protocol-relative URL (//host) or a backslash-prefixed variant (/\host) whose host is not your own. Matching only on literal "http" misses the // and %2F%2F forms.

🧯 If You Can't Patch

  • Do not rely on Content Security Policy for this: CSP governs what a page may load or submit to, not where a server-issued HTTP redirect (Location header) may point, so it does not stop an open redirect.
  • Use a web application firewall or web-server rewrite rule to drop requests in which the decoded rc_exported_zip_file value points to a host other than your own (absolute, protocol-relative and backslash forms included).

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Installed Plugins for 'Export WP Page to Static HTML/CSS' version 2.2.2 or lower.

Check Version:

wp plugin get export-wp-page-to-static-html --field=version

Verify Fix Applied:

Confirm the plugin version is 2.2.3 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests containing the 'rc_exported_zip_file' parameter with an external host in WordPress access logs; the value is usually percent-encoded (https%3A%2F%2F... or %2F%2F...), so decode before matching
  • Unusual redirect patterns in web server logs

Network Indicators:

  • HTTP 302/301 redirects to unexpected external domains from WordPress sites

SIEM Query (pseudo-syntax):

source="wordpress_access.log" AND rc_exported_zip_file AND NOT (url_domain="yourdomain.com" OR url_domain="trusteddomain.com")

url_domain is not a stock access-log field: it has to be extracted from the decoded rc_exported_zip_file value at ingest or search time, and the extraction must treat protocol-relative (//host), backslash (/\host) and double-encoded (%252F%252F) values as external too, or those bypasses will be scored as "no domain" and slip past the NOT clause.
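The WAF rule under Temporary Workarounds and the log indicators above both reduce to one decision: does the decoded rc_exported_zip_file value point off-site? The script below is an added example written for this page, not code from the plugin or from any vendor advisory. It implements that decision once, with the common open-redirect filter bypasses handled, and runs it over a few constructed combined-format access-log lines. The trusted host names are the same placeholders the SIEM query uses, and the request path "/" in the sample lines is an assumption; the real plugin endpoint may differ.

```python
import re
from urllib.parse import parse_qs, unquote, urlparse

# Hosts the site may legitimately redirect to. Placeholders, as in the SIEM query.
TRUSTED_HOSTS = {"yourdomain.com", "trusteddomain.com"}
PARAM = "rc_exported_zip_file"

# Apache/nginx "combined" log format. Only the fields needed here are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def is_external_redirect(value: str, trusted_hosts=TRUSTED_HOSTS) -> bool:
    """True if a Location header built from `value` would leave trusted_hosts.

    Covers the usual bypasses of naive "starts with http" filters:
    double URL-encoding, backslashes (browsers treat them as slashes),
    protocol-relative and triple-slash forms, non-http schemes, and
    userinfo tricks such as https://yourdomain.com@evil.example.
    """
    v = unquote(value).strip()           # second decode: catches %252F%252F
    v = v.replace("\\", "/")             # /\evil.example -> //evil.example
    v = re.sub(r"^/{2,}", "//", v)       # ///evil.example -> //evil.example
    parts = urlparse(v)
    if parts.scheme and parts.scheme not in ("http", "https"):
        return True                      # javascript:, data:, mailto: ...
    if parts.scheme and not parts.netloc:
        return True                      # "https:evil.example": browsers read a host here
    if not parts.netloc:
        return False                     # plain relative path, stays on site
    host = (parts.hostname or "").lower()  # strips port and userinfo
    return host not in trusted_hosts


def find_redirect_abuse(log_lines, trusted_hosts=TRUSTED_HOSTS):
    """Return one record per log line whose PARAM value points off-site."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        query = urlparse(m["target"]).query
        # parse_qs does the first percent-decode; is_external_redirect does a second.
        for val in parse_qs(query, keep_blank_values=True).get(PARAM, []):
            if is_external_redirect(val, trusted_hosts):
                hits.append({"ip": m["ip"], "time": m["ts"],
                             "status": m["status"], "value": val})
    return hits


# Constructed sample log lines (not real traffic). Lines 1 and 3 are attacks:
# an absolute external URL and a protocol-relative one. Line 2 is a normal
# on-site ZIP download, line 4 is unrelated, line 5 redirects to a trusted host.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Apr/2024:12:00:01 +0000] "GET /?rc_exported_zip_file='
    'https%3A%2F%2Fevil.example%2Flogin HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Apr/2024:12:00:02 +0000] "GET /?rc_exported_zip_file='
    '%2Fwp-content%2Fuploads%2Fexport.zip HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Apr/2024:12:00:03 +0000] "GET /?rc_exported_zip_file='
    '%2F%2Fevil.example HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '192.0.2.4 - - [10/Apr/2024:12:00:04 +0000] "GET /wp-login.php HTTP/1.1" '
    '200 1234 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Apr/2024:12:00:05 +0000] "GET /?rc_exported_zip_file='
    'https%3A%2F%2Fyourdomain.com%2Fexport.zip HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_redirect_abuse(SAMPLE_LOG):
        print(f'{hit["time"]} {hit["ip"]} -> {hit["value"]} (HTTP {hit["status"]})')
```

is_external_redirect is the predicate a WAF rule should express; the 302 status in the hits is what distinguishes a successful redirect from a request the plugin rejected, so alert on the combination rather than on the parameter alone.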
