CVE-2024-43919

5.3 MEDIUM

📋 TL;DR

CVE-2024-43919 is a broken access control vulnerability in the Yet Another Related Posts Plugin (YARPP) for WordPress that lets users who lack the required capability perform plugin actions that should be restricted to them. It affects every WordPress site running YARPP up to and including version 5.30.10. The root cause is missing capability checks on certain plugin functions.

💻 Affected Systems

Products:
  • Yet Another Related Posts Plugin (YARPP) for WordPress
Versions: n/a through 5.30.10
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations with YARPP plugin enabled are vulnerable if running affected versions.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could modify plugin settings, manipulate related posts functionality, or potentially escalate privileges depending on what actions lack proper authorization checks.

🟠

Likely Case

Unauthorized users can change YARPP configuration settings, affecting how related posts are displayed on the site.

🟢

If Mitigated

With proper WordPress user role management and security plugins, the impact is limited to minor configuration changes.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires some level of WordPress user access, though potentially low-privileged accounts.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.30.11 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/yet-another-related-posts-plugin/wordpress-yet-another-related-posts-plugin-yarpp-plugin-5-30-10-broken-access-control-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Go to Plugins → Installed Plugins.
3. Find YARPP and click 'Update Now'.
4. Alternatively, download version 5.30.11 or later from WordPress.org and update manually.

🔧 Temporary Workarounds

Disable YARPP Plugin

all

Temporarily disable the plugin until patched

wp plugin deactivate yet-another-related-posts-plugin

Restrict User Roles

all

Limit administrative access to trusted users only

🧯 If You Can't Patch

  • Disable YARPP plugin completely
  • Implement strict user role management and audit all user accounts

🔍 How to Verify

Check if Vulnerable:

In the WordPress admin panel, go to Plugins and read the YARPP version. If the version is 5.30.10 or earlier, the site is vulnerable.

Check Version:

wp plugin get yet-another-related-posts-plugin --field=version

Verify Fix Applied:

Verify YARPP version is 5.30.11 or later in WordPress admin panel.
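The version check above is easy to get wrong when scripted, because a plain string sort ranks 5.30.9 above 5.30.10. The following POSIX shell script is an added example, not part of the advisory or of the YARPP project: it wraps the wp-cli command given above, compares the installed version component by component against the fixed release 5.30.11, and reports whether the site is still vulnerable. The function names and the `--path` handling are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): numeric comparison of an installed
# YARPP version against the first fixed release, 5.30.11 (from the advisory).
FIXED_VERSION="5.30.11"

# version_lt A B -> returns 0 if A < B, comparing dotted numeric components
# one at a time so that 5.30.9 < 5.30.10 (a lexical sort gets this wrong).
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"            # leading component of each
        [ "$a" = "$ai" ] && a="" || a="${a#*.}" # drop it from the remainder
        [ "$b" = "$bi" ] && b="" || b="${b#*.}"
        ai="${ai:-0}"; bi="${bi:-0}"            # missing component counts as 0
        if [ "$ai" -lt "$bi" ]; then return 0; fi
        if [ "$ai" -gt "$bi" ]; then return 1; fi
    done
    return 1   # equal
}

# yarpp_status VERSION -> prints "vulnerable" if VERSION < 5.30.11, else "fixed".
yarpp_status() {
    v="$1"
    v="${v%%[!0-9.]*}"   # strip pre-release suffixes such as "-beta1" before comparing
    if version_lt "$v" "$FIXED_VERSION"; then
        echo vulnerable
    else
        echo fixed
    fi
}

# check_installed_yarpp [WP_PATH] -> reads the installed version with wp-cli
# (the command from the advisory) and reports its status.
# Exit status: 0 fixed, 1 vulnerable, 2 plugin missing or wp-cli unavailable.
check_installed_yarpp() {
    wp_path="${1:-.}"   # assumption: run from the WordPress root unless a path is given
    ver=$(wp plugin get yet-another-related-posts-plugin --field=version --path="$wp_path" 2>/dev/null) || {
        echo "YARPP not installed or wp-cli unavailable under $wp_path" >&2
        return 2
    }
    status=$(yarpp_status "$ver")
    echo "YARPP $ver: $status (fixed in $FIXED_VERSION)"
    [ "$status" = fixed ]
}

# Usage: sh check_yarpp.sh /var/www/html
if [ "$#" -gt 0 ]; then
    check_installed_yarpp "$1"
fi
```

The exit status makes the script usable from a fleet-wide inventory job: a non-zero result on any host flags a site that still needs the update to 5.30.11 or later.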

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized YARPP configuration changes in WordPress logs
  • User role escalation attempts

Network Indicators:

  • Unusual POST requests to YARPP admin endpoints from non-admin users

SIEM Query:

source="wordpress" AND (plugin="yarpp" OR uri="/wp-admin/admin.php?page=yarpp") AND user_role!="administrator"
