CVE-2024-49630

6.5 MEDIUM

📋 TL;DR

This vulnerability allows attackers to inject malicious scripts into web pages generated by the WP Education plugin for WordPress. When users view affected pages, the scripts execute in their browsers, potentially stealing credentials or performing unauthorized actions. All WordPress sites using WP Education plugin versions up to 1.2.8 are affected.

💻 Affected Systems

Products:
  • HT Plugins WP Education for Elementor
Versions: n/a through 1.2.8
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: This affects WordPress installations using the WP Education plugin. The vulnerability is present in default configurations.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal administrator credentials, take over the WordPress site, deface content, or redirect visitors to malicious sites.

🟠 Likely Case

Attackers inject malicious scripts that steal user session cookies or credentials, potentially compromising user accounts.

🟢 If Mitigated

With proper input validation and output encoding, the malicious scripts would be neutralized before reaching users' browsers.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Stored XSS vulnerabilities typically require some level of access to inject malicious content, but once injected, the payload affects all users viewing the compromised page.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.2.9 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/wp-education/wordpress-wp-education-for-elementor-plugin-1-2-8-stored-cross-site-scripting-xss-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'WP Education for Elementor'.
4. Click 'Update Now' if available.
5. If no update appears, download version 1.2.9+ from the WordPress repository and update manually.

🔧 Temporary Workarounds

Disable WP Education Plugin

all

Temporarily disable the vulnerable plugin until patched

wp plugin deactivate wp-education

Implement WAF Rules

all

Configure web application firewall to block XSS payloads

🧯 If You Can't Patch

  • Restrict plugin access to trusted administrators only
  • Implement Content Security Policy (CSP) headers to limit script execution

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for WP Education version. If version is 1.2.8 or earlier, you are vulnerable.

Check Version:

wp plugin get wp-education --field=version

Verify Fix Applied:

After updating, verify WP Education plugin version shows 1.2.9 or higher in WordPress admin.
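The version check above is easy to get wrong in a script: plain string comparison sorts "1.2.10" before "1.2.9". The following is an added example, not code from the advisory or from the plugin vendor, that compares the version reported by the advisory's wp-cli command against the fixed release field by field. The sample version strings fed to it at the bottom are constructed; the plugin slug `wp-education` is taken from the advisory's own commands.

```shell
#!/bin/sh
# Added example, not the advisory's own code: decide from a version string
# whether an installed copy of the plugin is still in the affected range
# (CVE-2024-49630: affected through 1.2.8, fixed in 1.2.9).
# The version string is assumed to come from the advisory's wp-cli command.

FIXED_VERSION="1.2.9"

# Compare two dotted version strings field by field as integers.
# Prints -1, 0 or 1 for a < b, a == b, a > b. Missing fields count as 0
# ("1.2" == "1.2.0"); a non-numeric suffix such as "-beta" is dropped
# (simplification: "1.2.9-beta" is treated as 1.2.9). Plain string
# comparison would rank "1.2.10" below "1.2.9", which is why this exists.
vercmp() {
    a=$(printf '%s' "$1" | sed 's/[^0-9.].*$//')
    b=$(printf '%s' "$2" | sed 's/[^0-9.].*$//')
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}
        fb=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        fa=${fa:-0}
        fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then printf '%s\n' -1; return; fi
        if [ "$fa" -gt "$fb" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# Returns 0 when the version is below the fixed release (affected),
# 1 when it is at or above it, 2 when no version string was supplied
# (for example because wp-cli could not find the plugin).
is_vulnerable() {
    [ -n "$1" ] || return 2
    [ "$(vercmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# Human-readable verdict for one version string.
report() {
    rc=0
    is_vulnerable "$1" || rc=$?
    case $rc in
        0) printf 'wp-education %s: affected, update to %s or later\n' "$1" "$FIXED_VERSION" ;;
        2) printf 'wp-education: version unknown, check that the plugin is installed\n' ;;
        *) printf 'wp-education %s: not in the affected range\n' "$1" ;;
    esac
}

# Constructed sample inputs; on a real site use the advisory's command:
#   report "$(wp plugin get wp-education --field=version 2>/dev/null)"
for v in 1.2.8 1.2.9 1.2.10 ""; do
    report "$v"
done
```

Run it as-is to see the verdict for each constructed version, or replace the loop with the commented wp-cli call to check a real installation.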

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to plugin endpoints
  • Suspicious script tags in form submissions

Network Indicators:

  • Malicious script payloads in HTTP requests
  • Unexpected outbound connections from user browsers

SIEM Query:

source="wordpress.log" AND "wp-education" AND ("script" OR "javascript" OR "onload" OR "onerror")
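The SIEM query above is a bare keyword match, so the substring "script" also fires on words like "description" and the asset files every visitor loads. The following is an added example, not part of the advisory, that runs the same keyword logic over constructed log lines and then a tighter filter restricted to POST requests carrying tag-like or event-handler-like fragments (plain or URL-encoded). Everything in the sample is invented for illustration: the WAF-style log format that records the request body, the admin-ajax action name `wp-education_save`, the IP addresses and the payload fragments; none of it describes this plugin's actual flaw.

```shell
#!/bin/sh
# Added example, not the advisory's own code: apply the advisory's SIEM
# keyword filter to constructed log lines, then a tighter filter that avoids
# the obvious over-matching. Log format, action name, addresses and payload
# fragments are all made up for illustration.

# Constructed sample: one line per request, with the POST body recorded the
# way a WAF audit log might. Lines 2 and 5 carry XSS test strings, line 3 is
# an innocent stylesheet whose name contains "script".
SAMPLE_LOG='203.0.113.5 [10/Nov/2024:10:01:02 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 body="action=wp-education_save&title=Intro+to+Algebra"
203.0.113.5 [10/Nov/2024:10:01:09 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 body="action=wp-education_save&title=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
198.51.100.7 [10/Nov/2024:10:02:30 +0000] "GET /wp-content/plugins/wp-education/assets/description.css HTTP/1.1" 200 body=""
198.51.100.7 [10/Nov/2024:10:03:11 +0000] "GET /wp-content/plugins/wp-education/assets/frontend.js HTTP/1.1" 200 body=""
192.0.2.9 [10/Nov/2024:10:04:00 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 body="action=wp-education_save&desc=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"'

# The advisory's query, expressed as grep: "wp-education" AND any keyword.
# Reads stdin, writes matching lines.
siem_filter() {
    grep -i 'wp-education' | grep -iE 'script|javascript|onload|onerror'
}

# Tighter variant: only POST requests, and only fragments that look like a
# tag ("<script" or "%3Cscript") or an event handler attribute
# ("onerror=" / "onerror%3D") rather than any word containing "on" or
# "script". The leading (^|[^a-z]) keeps "description" and "action" out.
tightened_filter() {
    grep -i 'wp-education' \
        | grep '"POST ' \
        | grep -iE '(<|%3C)/?script|(^|[^a-z])on[a-z]+[[:space:]]*(=|%3D)'
}

# Count how many sample lines a given filter function lets through.
count_hits() {
    printf '%s\n' "$SAMPLE_LOG" | "$1" | wc -l | tr -d ' '
}

printf 'advisory keyword filter: %s hits (one is the stylesheet)\n' "$(count_hits siem_filter)"
printf 'tightened filter:        %s hits\n' "$(count_hits tightened_filter)"
printf '\nlines the tightened filter keeps:\n'
printf '%s\n' "$SAMPLE_LOG" | tightened_filter
```

The tightened filter still depends on the request body being logged at all; a plain access log only shows the POST to admin-ajax.php, which is why the advisory lists "unusual POST requests to plugin endpoints" as an indicator in its own right.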

🔗 References
