CVE-2024-43131

7.5 HIGH

📋 TL;DR

This vulnerability allows unauthenticated attackers to delete arbitrary posts and pages in WordPress sites using the vulnerable Docket plugin. It affects all WordPress installations with the Docket (WooCommerce Collections/Wishlist/Watchlist) plugin before version 1.7.0.

💻 Affected Systems

Products:
  • Docket (WooCommerce Collections / Wishlist / Watchlist) WordPress plugin
Versions: All versions before 1.7.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with the vulnerable plugin version, regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete website defacement or destruction through mass deletion of critical content, potentially causing business disruption and data loss.

🟠 Likely Case

Selective deletion of important posts, pages, or products, leading to content loss and website integrity issues.

🟢 If Mitigated

No impact if the plugin is patched or disabled, or if a properly configured web application firewall blocks the exploit attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires no authentication and has publicly available technical details, making exploitation trivial.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.7.0

Vendor Advisory: https://patchstack.com/database/vulnerability/woocommerce-collections/wordpress-docket-woocommerce-collections-wishlist-watchlist-plugin-1-6-6-unauthenticated-arbitrary-post-page-deletion-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Docket (WooCommerce Collections/Wishlist/Watchlist)'.
4. Click 'Update Now' if an update is available.
5. If no update appears, manually download version 1.7.0+ from the WordPress plugin repository.

🔧 Temporary Workarounds

Disable vulnerable plugin

all

Temporarily deactivate the Docket plugin until patched

wp plugin deactivate woocommerce-collections

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block unauthorized POST requests to the vulnerable endpoints
  • Restrict access to the WordPress admin area using IP whitelisting or additional authentication layers. Note that this alone does not cover wp-admin/admin-ajax.php, which WordPress keeps reachable for unauthenticated front-end requests, so the WAF rule above is still needed.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin > Plugins > Installed Plugins for Docket plugin version. If version is below 1.7.0, you are vulnerable.

Check Version:

wp plugin get woocommerce-collections --field=version

Verify Fix Applied:

Confirm plugin version is 1.7.0 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Multiple POST requests to wp-admin/admin-ajax.php with action parameters related to post/page deletion
  • Unexpected post/page deletions in WordPress logs

Network Indicators:

  • Unusual POST requests to admin-ajax.php from unauthenticated sources
  • HTTP 200 responses to deletion requests from non-admin IPs

SIEM Query:

source="wordpress.log" AND "admin-ajax.php" AND "action=*delete*" AND NOT user="admin"
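The log indicators above turned into a small detector, as an added example that is not part of this advisory or the plugin: it assumes combined-format access logs with the action in the query string, a constructed sample log, and the placeholder action name example_delete_item, since the page does not name the plugin's real AJAX action.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Combined access-log format (Apache/nginx default): client IP, timestamp,
# request line, status, size. Cookies and POST bodies are not present in it.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def is_delete_ajax(method, url):
    """True for a POST to wp-admin/admin-ajax.php whose action parameter names a delete."""
    if method != "POST":
        return False
    parts = urlsplit(url)
    if not parts.path.endswith("/wp-admin/admin-ajax.php"):
        return False
    actions = parse_qs(parts.query).get("action", [])
    return any("delete" in a.lower() for a in actions)

def suspicious_sources(lines, admin_ips, threshold=3):
    """Map non-admin IPs to their count of successful (HTTP 200) deletion calls,
    keeping only IPs at or above the threshold (bursts, per the indicators above)."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if m is None or m["ip"] in admin_ips or m["status"] != "200":
            continue  # unparsable line, known admin source, or non-200 (e.g. WAF block)
        if is_delete_ajax(m["method"], m["url"]):
            hits[m["ip"]] += 1
    return {ip: n for ip, n in hits.items() if n >= threshold}

# Constructed sample log (not real traffic). "example_delete_item" is a
# placeholder: the advisory does not name the plugin's real AJAX action.
AJAX = "/wp-admin/admin-ajax.php"
SAMPLE_LOG = [
    f'198.51.100.7 - - [10/Sep/2024:12:00:01 +0000] "POST {AJAX}?action=example_delete_item&post_id=12 HTTP/1.1" 200 27 "-" "curl/8.0"',
    f'198.51.100.7 - - [10/Sep/2024:12:00:02 +0000] "POST {AJAX}?action=example_delete_item&post_id=13 HTTP/1.1" 200 27 "-" "curl/8.0"',
    f'198.51.100.7 - - [10/Sep/2024:12:00:03 +0000] "POST {AJAX}?action=example_delete_item&post_id=14 HTTP/1.1" 200 27 "-" "curl/8.0"',
    f'203.0.113.5 - - [10/Sep/2024:12:05:00 +0000] "POST {AJAX}?action=example_delete_item&post_id=15 HTTP/1.1" 200 27 "-" "Mozilla/5.0"',  # admin IP
    f'192.0.2.9 - - [10/Sep/2024:12:06:00 +0000] "POST {AJAX}?action=example_delete_item&post_id=16 HTTP/1.1" 403 0 "-" "curl/8.0"',  # blocked
    f'192.0.2.9 - - [10/Sep/2024:12:06:05 +0000] "POST {AJAX}?action=heartbeat HTTP/1.1" 200 40 "-" "Mozilla/5.0"',  # benign action
]

if __name__ == "__main__":
    print(suspicious_sources(SAMPLE_LOG, admin_ips={"203.0.113.5"}))  # {'198.51.100.7': 3}
```

When the action travels in the POST body rather than the query string, the default access log does not record it; feed WAF or request-body logs to the same functions instead.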
