CVE-2024-47318
📋 TL;DR
This CVE describes a Missing Authorization vulnerability (CWE-862) in the Magazine3 PWA for WP & AMP WordPress plugin: at least one plugin action can be reached without the capability check that should gate it, the pattern CAPEC classifies as exploiting incorrectly configured access control security levels. All versions up to and including 1.7.72 are affected. The public description does not name the specific action or the privilege level a caller needs to reach it, so treat every pre-1.7.73 install as exposed.
💻 Affected Systems
- Magazine3 PWA for WP & AMP WordPress Plugin
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
A caller who lacks the required capability could invoke plugin functionality reserved for administrators, for example changing the plugin's settings. Because a PWA plugin shapes what is served to every visitor (web app manifest, service worker behaviour), an unauthorized settings change can affect the whole site, not just the attacker's own account.
Likely Case
Users without the right capability (low-privilege logged-in accounts, or unauthenticated visitors if the affected hook is registered for them) could reach plugin configuration pages or actions intended for administrators, change PWA settings, or read data that should be restricted.
If Mitigated
If every privileged action verified the caller's capability before doing any work (in WordPress terms, a current_user_can() check alongside the nonce check), requests from under-privileged callers would be refused and the flaw would not be reachable.
🎯 Exploit Status
Missing authorization means the code does not confirm that the caller is permitted to perform the action; this is distinct from missing authentication. Depending on how the vulnerable hook is registered, the affected functionality may be reachable by any logged-in user regardless of role, or even by unauthenticated visitors. No public exploit code has been identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.7.73 or later
Vendor Advisory: https://patchstack.com/database/vulnerability/pwa-for-wp/wordpress-pwa-for-wp-amp-plugin-1-7-72-broken-access-control-vulnerability?_s_id=cve
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the 'PWA for WP & AMP' plugin.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 1.7.73 or later from WordPress.org and update manually.
🔧 Temporary Workarounds
Disable Plugin
Temporarily deactivate the vulnerable plugin until it is patched (site visitors lose the PWA/AMP features while it is off).
wp plugin deactivate pwa-for-wp
Restrict Access via Web Server
Configure the web server to deny direct requests to files in the plugin directory. Caveat: this only blocks requests that hit PHP or asset files under wp-content/plugins/pwa-for-wp/ directly. The plugin's admin pages, admin-ajax actions and REST routes are dispatched through WordPress core (wp-admin/admin.php, wp-admin/admin-ajax.php, /wp-json/), so this rule does not close the missing authorization check itself; in practice it mainly breaks the plugin's front-end assets. Treat it as a weaker alternative to deactivation, not a substitute for the update.
# Apache: save as wp-content/plugins/pwa-for-wp/.htaccess
# (Apache 2.4 syntax; the 2.2 Order/Deny form is kept for older servers)
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Order Deny,Allow
    Deny from all
</IfModule>
# nginx: add inside the server {} block
location ~* ^/wp-content/plugins/pwa-for-wp/ {
    deny all;
}
🧯 If You Can't Patch
- Disable the PWA for WP & AMP plugin immediately
- Implement web application firewall rules to block access to plugin-specific endpoints
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for 'PWA for WP & AMP' version. If version is 1.7.72 or lower, you are vulnerable.
Check Version:
wp plugin get pwa-for-wp --field=version
Verify Fix Applied:
After updating, verify plugin version shows 1.7.73 or higher in WordPress admin panel.
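To make the version check scriptable across many sites, here is an added shell example (not part of the advisory or the plugin): it wraps the WP-CLI call above in a numeric, field-by-field version comparison against 1.7.73, the fix version this page names. The --path flag is standard WP-CLI; the is_vulnerable and check_site helper names are our own.

```shell
#!/bin/sh
# Added example: decide whether an installed PWA for WP & AMP version falls in
# the affected range (<= 1.7.72) for CVE-2024-47318. The fix version comes
# from the advisory; the comparison logic is ours, not the vendor's.

FIXED_VERSION="1.7.73"

# version_lt A B -> exit 0 if A < B, comparing dot-separated numeric fields
# (so 1.7.9 < 1.7.72, which a plain string comparison would get wrong).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, A, "."); nb = split(b, B, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? A[i] + 0 : 0
            y = (i <= nb) ? B[i] + 0 : 0
            if (x < y) exit 0
            if (x > y) exit 1
        }
        exit 1   # equal -> not less-than
    }'
}

# is_vulnerable VERSION -> exit 0 if VERSION is below the fixed release.
is_vulnerable() {
    version_lt "$1" "$FIXED_VERSION"
}

# check_site WP_PATH -> reads the installed version with WP-CLI and prints a
# verdict; exit 0 patched, 1 vulnerable, 2 plugin not installed.
check_site() {
    v=$(wp plugin get pwa-for-wp --field=version --path="$1" 2>/dev/null) || {
        echo "pwa-for-wp not installed at $1"
        return 2
    }
    if is_vulnerable "$v"; then
        echo "VULNERABLE: pwa-for-wp $v (< $FIXED_VERSION) at $1"
        return 1
    fi
    echo "OK: pwa-for-wp $v at $1"
    return 0
}

# Usage: ./check-pwa.sh /var/www/site1 (one WordPress root per invocation).
if [ "$#" -gt 0 ]; then
    check_site "$1"
fi
```

Loop it over your WordPress roots and act on any non-zero exit; the numeric comparison matters because WordPress.org version strings are not zero-padded.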
📡 Detection & Monitoring
Log Indicators:
- Requests to the plugin's admin page (/wp-admin/admin.php?page=pwaforwp or similar) or to admin-ajax.php and REST routes that carry the plugin's name, from clients or accounts that are not administrators
- A run of 401/403 responses to plugin endpoints from one client followed by 200s: a caller probing until it finds an action with no authorization check
Network Indicators:
- Plugin admin or AJAX requests from clients with no WordPress session cookie at all, or with a session belonging to a low-privilege account (a missing-authorization bug is exploitable by either, depending on how the hook is registered)
SIEM Query:
source="web_access_logs" AND (uri="*pwaforwp*" OR uri="*pwa-for-wp*") AND NOT uri="/wp-content/plugins/*" AND status=200
Standard access logs do not record cookies or the WordPress user, so a query over them can only surface candidate requests; join the matching client IPs and timestamps against WordPress login or activity logs to tell an administrator's legitimate request from an unauthorized one. The /wp-content/plugins/ exclusion drops the plugin's own static assets, which every visitor fetches.
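As an added example (not from the advisory), the following shell filter applies the indicators above to a combined-format access log: it keeps requests whose path names the plugin, drops the plugin's static assets under /wp-content/plugins/ as normal visitor traffic, and separates accepted (2xx) requests for cross-checking against login records. The sample log is constructed, and the admin-ajax action name in it is a made-up illustration of the pattern, not a documented plugin endpoint.

```shell
#!/bin/sh
# Added example: pull requests aimed at PWA for WP & AMP admin/AJAX paths out
# of a combined-format access log. The URI substrings come from the advisory
# page; the action=pwaforwp_* form is an assumption, not a known endpoint.

# plugin_requests < access.log -> prints "status client uri" for each request
# whose path names the plugin, excluding the plugin's static asset directory.
plugin_requests() {
    awk '
        # combined log fields: $1 client, $6 "METHOD, $7 uri, $9 status
        $6 ~ /^"(GET|POST|PUT|DELETE)$/ {
            uri = $7
            if (index(uri, "/wp-content/") == 1) next   # static assets: normal traffic
            if (uri ~ /pwaforwp/ || uri ~ /pwa-for-wp/) print $9, $1, uri
        }'
}

# Only requests the server accepted (2xx). These are the ones to cross-check:
# a 2xx from a client that never held an administrator session is what an
# exercised missing-authorization check looks like in the access log.
accepted_plugin_requests() {
    plugin_requests | awk '$1 ~ /^2/'
}

# Constructed sample log, not real traffic.
SAMPLE_LOG='203.0.113.7 - - [01/Oct/2024:10:00:01 +0000] "GET /wp-admin/admin.php?page=pwaforwp HTTP/1.1" 302 0 "-" "curl/8.4.0"
203.0.113.7 - - [01/Oct/2024:10:00:02 +0000] "POST /wp-admin/admin-ajax.php?action=pwaforwp_save_settings HTTP/1.1" 200 17 "-" "curl/8.4.0"
198.51.100.2 - - [01/Oct/2024:10:00:03 +0000] "GET /wp-content/plugins/pwa-for-wp/assets/css/style.css HTTP/1.1" 200 1034 "https://example.org/" "Mozilla/5.0"
192.0.2.9 - - [01/Oct/2024:10:00:04 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Oct/2024:10:00:05 +0000] "POST /wp-admin/admin.php?page=pwaforwp HTTP/1.1" 403 0 "-" "curl/8.4.0"'

# Counts over the sample: all plugin requests, and accepted ones only.
count_plugin_requests() {
    printf '%s\n' "$SAMPLE_LOG" | plugin_requests | wc -l | tr -d ' '
}
count_accepted() {
    printf '%s\n' "$SAMPLE_LOG" | accepted_plugin_requests | wc -l | tr -d ' '
}

# Usage: ./pwa-hits.sh /var/log/nginx/access.log
if [ "$#" -gt 0 ]; then
    accepted_plugin_requests < "$1"
fi
```

On the sample, the 302 (unauthenticated caller bounced to the login page) and the 403 are probing noise, the style.css fetch is excluded as an asset, and the single 200 on the admin-ajax POST is the line to correlate with who was logged in from 203.0.113.7 at that time.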