CVE-2024-43337

4.3 MEDIUM

📋 TL;DR

A Cross-Site Request Forgery (CSRF) vulnerability in the Brave Popup Builder WordPress plugin allows attackers to trick authenticated administrators into performing unintended actions. This affects WordPress sites using Brave Popup Builder versions up to 0.7.0. Attackers could modify plugin settings or perform other administrative actions without the victim's knowledge.

💻 Affected Systems

Products:
  • Brave Popup Builder WordPress Plugin
Versions: n/a through 0.7.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects WordPress installations with the Brave Popup Builder plugin installed and activated.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could completely compromise the WordPress site by tricking an administrator into changing critical settings, installing malicious plugins, or granting elevated privileges.

🟠 Likely Case

Attackers modify popup settings, inject malicious content into popups, or change plugin configurations to serve malicious content to site visitors.

🟢 If Mitigated

With proper CSRF protections and user awareness, the risk is minimal as it requires authenticated admin sessions and user interaction.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires tricking an authenticated administrator into clicking a malicious link while logged into WordPress.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.7.1 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/brave-popup-builder/wordpress-brave-plugin-0-7-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find Brave Popup Builder.
4. Click 'Update Now' if available.
5. Alternatively, download version 0.7.1+ from WordPress.org and manually update.

🔧 Temporary Workarounds

Temporary Plugin Deactivation

Platform: all

Disable the vulnerable plugin until patched:

wp plugin deactivate brave-popup-builder

CSRF Protection Middleware

Platform: all

Implement additional CSRF protection at the web server or application level.

🧯 If You Can't Patch

  • Restrict admin access to trusted networks only
  • Implement strict Content Security Policy (CSP) headers

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Brave Popup Builder version. If version is 0.7.0 or earlier, you are vulnerable.

Check Version:

wp plugin get brave-popup-builder --field=version

Verify Fix Applied:

After updating, verify version is 0.7.1 or later in WordPress plugins list.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected plugin setting changes
  • Admin actions from unusual IPs without corresponding login

Network Indicators:

  • POST requests to /wp-admin/admin-ajax.php with plugin-specific actions from non-admin pages

SIEM Query:

source="wordpress.log" AND ("brave-popup-builder" OR "admin-ajax.php") AND action="save"
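As an added defensive example (not code from this advisory, from Patchstack, or from the plugin), the Python script below does two things the "How to Verify" and "Detection & Monitoring" sections describe: it decides from a plugin version string whether an install falls in the affected range (below the 0.7.1 fix), and it scans web-server access log lines for the network indicator named above, a POST to a /wp-admin/ endpoint whose Referer is missing or points to a host other than the site itself. The log lines, the site host shop.example and the off-site host evil.example are constructed for the example.

```python
"""Added example: version-range check and cross-site admin POST detection.

Assumptions (not from the advisory): the web server writes the Apache/nginx
"combined" log format, which includes the Referer header, and the site's own
hostname is known. Sample log lines below are constructed.
"""
import re
from urllib.parse import urlparse

FIXED_VERSION = (0, 7, 1)  # first fixed release named in the advisory

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)


def parse_version(version):
    """'0.7.0' -> (0, 7, 0). Unknown strings such as 'n/a' become (0, 0, 0),
    which the caller treats as 'assume affected until proven otherwise'."""
    parts = [int(n) for n in re.findall(r"\d+", version)][:3]
    return tuple(parts + [0] * (3 - len(parts)))


def is_vulnerable(version):
    """True when the installed version is below the first fixed release."""
    return parse_version(version) < FIXED_VERSION


def find_cross_site_admin_posts(lines, site_host):
    """Return POSTs under /wp-admin/ whose Referer is absent or off-site.

    A CSRF lure is served from a page the attacker controls, so a state-changing
    POST to wp-admin normally carries either no Referer or a foreign one.
    A missing Referer is a weaker signal (referrer policies can strip it),
    so findings record the referer so an analyst can rank them.
    """
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line: skip rather than guess
        if m["method"] != "POST" or not m["path"].startswith("/wp-admin/"):
            continue
        referer = "" if m["referer"] == "-" else m["referer"]
        referer_host = urlparse(referer).hostname if referer else None
        if referer_host == site_host:
            continue  # same-site POST, expected for a real admin session
        findings.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "path": m["path"],
            "referer": referer,
        })
    return findings


# Constructed sample log lines for the site shop.example.
SAMPLE_LOG = [
    # legitimate settings save from the plugin's own admin page
    '198.51.100.7 - - [10/Jan/2025:12:00:01 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" '
    '200 512 "https://shop.example/wp-admin/admin.php?page=brave-popup-builder" "Mozilla/5.0"',
    # same endpoint, but the request originated from an off-site page
    '198.51.100.7 - - [10/Jan/2025:12:05:44 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" '
    '200 512 "https://evil.example/lure.html" "Mozilla/5.0"',
    # same endpoint with no Referer at all (logged as "-")
    '203.0.113.9 - - [10/Jan/2025:12:06:10 +0000] "POST /wp-admin/admin-post.php HTTP/1.1" '
    '302 0 "-" "Mozilla/5.0"',
    # GET requests are not state-changing in a well-behaved plugin
    '203.0.113.9 - - [10/Jan/2025:12:06:11 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" '
    '200 64 "-" "Mozilla/5.0"',
    # login POST lives outside /wp-admin/ and is not in scope here
    '203.0.113.9 - - [10/Jan/2025:12:07:00 +0000] "POST /wp-login.php HTTP/1.1" '
    '302 0 "https://shop.example/wp-login.php" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for v in ("0.7.0", "0.7.1", "n/a"):
        print(f"version {v}: {'VULNERABLE' if is_vulnerable(v) else 'fixed'}")
    for f in find_cross_site_admin_posts(SAMPLE_LOG, "shop.example"):
        print(f"{f['ts']} {f['ip']} POST {f['path']} referer={f['referer'] or '<none>'}")
```

On a real deployment the version string comes from `wp plugin get brave-popup-builder --field=version` and the log lines from the web server's access log; the Origin header, where the server is configured to log it, is a more reliable same-site signal than Referer.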

