CVE-2024-4404 – The ElementsKit PRO WordPress plugin versions u... (How to Fix)

Q: What is the severity of CVE-2024-4404?

CVE-2024-4404 has a CVSS score of 8.5 (HIGH). The ElementsKit PRO WordPress plugin versions up to 3.6.2 contain a Server-Side Request Forgery (SSRF) vulnerability in the 'render_raw' function. This allows authenticated attackers with contributor-level permissions or higher to make arbitrary web requests from the vulnerable server, potentially accessing internal services. WordPress sites using vulnerable versions of ElementsKit PRO are affected.

📋 TL;DR

The ElementsKit PRO WordPress plugin versions up to 3.6.2 contain a Server-Side Request Forgery (SSRF) vulnerability in the 'render_raw' function. This allows authenticated attackers with contributor-level permissions or higher to make arbitrary web requests from the vulnerable server, potentially accessing internal services. WordPress sites using vulnerable versions of ElementsKit PRO are affected.

💻 Affected Systems

Products:

ElementsKit PRO WordPress Plugin

Versions: Up to and including 3.6.2

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Requires WordPress installation with ElementsKit PRO plugin enabled. Contributor-level authentication is required for exploitation.

📦 What is this software?

Elementskit by Wpmet

View all CVEs affecting Elementskit →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could access internal services, exfiltrate sensitive data, perform port scanning, or pivot to attack internal network resources.

🟠

Likely Case

Attackers with contributor access could probe internal services, potentially accessing metadata services, internal APIs, or other web applications on the same network.

🟢

If Mitigated

With proper network segmentation and authentication controls, impact is limited to the web server's network access and available services.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated access with contributor permissions or higher. Public exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.6.3 and later

Vendor Advisory: https://wpmet.com/plugin/elementskit/roadmaps/

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find ElementsKit PRO and click 'Update Now'. 4. Verify version is 3.6.3 or higher.

🔧 Temporary Workarounds

Remove Contributor Access

all

Temporarily remove contributor-level user roles or restrict their permissions

Disable Plugin

all

Deactivate ElementsKit PRO plugin until patched

🧯 If You Can't Patch

Implement network segmentation to restrict web server outbound connections
Apply strict authentication controls and monitor contributor-level user activity

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → ElementsKit PRO version. If version is 3.6.2 or lower, system is vulnerable.

Check Version:

wp plugin list --name=elementskit-pro --field=version

Verify Fix Applied:

Verify ElementsKit PRO version is 3.6.3 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

Unusual outbound HTTP requests from web server to internal IPs
Multiple failed authentication attempts for contributor accounts
Suspicious POST requests to ElementsKit PRO endpoints

Network Indicators:

Web server making unexpected outbound HTTP requests to internal services
Traffic from web server to metadata services (169.254.169.254, etc.)

SIEM Query:

source="web_server_logs" AND (uri CONTAINS "/wp-admin/admin-ajax.php" OR uri CONTAINS "elementskit") AND (status=200 OR status=302) AND user_agent NOT IN ("normal_user_agents")

📊 Metadata

CVE ID: CVE-2024-4404

CVSS v3 Score: 8.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

CWE: CWE-918

Published: June 14, 2024

Last Updated: January 10, 2025

🔗 References

https://wpmet.com/plugin/elementskit/roadmaps/ Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/6417269d-3d49-4f33-b92a-5aacb052bab0?source=cve Third Party Advisory
https://wpmet.com/plugin/elementskit/roadmaps/ Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/6417269d-3d49-4f33-b92a-5aacb052bab0?source=cve Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-4404, you might also want to check these: