CVE-2024-5324

8.8 HIGH

📋 TL;DR

This vulnerability in the Login/Signup Popup plugin for WordPress allows authenticated users with Subscriber-level access or higher to modify arbitrary site options. Attackers can enable new user registration and set the default role to Administrator, potentially gaining full control. WordPress sites using vulnerable plugin versions 2.7.1 to 2.7.2 are affected.

💻 Affected Systems

Products:
  • Login/Signup Popup (Inline Form + Woocommerce) WordPress plugin
Versions: 2.7.1 to 2.7.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with the vulnerable plugin enabled. Any authenticated user (Subscriber role or higher) can exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain administrative privileges, leading to complete site compromise, data theft, malware injection, or site defacement.

🟠 Likely Case

Attackers create administrative accounts for themselves, enabling persistent access and further malicious activities.

🟢 If Mitigated

With proper access controls and monitoring, impact is limited to unauthorized option changes that can be detected and reverted.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is straightforward due to missing capability checks.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.7.3

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3093994/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Login/Signup Popup (Inline Form + Woocommerce)'.
4. Click 'Update Now' if available, or manually update to version 2.7.3 or later.

🔧 Temporary Workarounds

Disable vulnerable plugin (Platform: all)

Temporarily deactivate the plugin until patched.

wp plugin deactivate easy-login-woocommerce

Restrict user registration (Platform: all)

Disable new user registration in WordPress settings.

🧯 If You Can't Patch

  • Remove Subscriber and higher role access from untrusted users.
  • Implement web application firewall rules to block suspicious option modification requests.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin > Plugins > Installed Plugins for 'Login/Signup Popup (Inline Form + Woocommerce)' version 2.7.1 or 2.7.2.

Check Version:

wp plugin get easy-login-woocommerce --field=version

Verify Fix Applied:

Confirm plugin version is 2.7.3 or later in WordPress admin panel.
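The version check above can be scripted when many sites have to be verified. The following is an added example and not the advisory's or the plugin's own code; the affected range (2.7.1 to 2.7.2) and the fixed version (2.7.3) are taken from this advisory, and it assumes wp-cli is installed and on PATH for the live check.

```python
"""Classify the installed Login/Signup Popup plugin version against
CVE-2024-5324 (added example, not the advisory's or plugin's own code).
Range boundaries come from the advisory; running wp-cli is an assumption."""
import subprocess

PLUGIN_SLUG = "easy-login-woocommerce"   # slug used in the advisory's wp-cli commands
FIRST_VULNERABLE = (2, 7, 1)              # advisory: affected 2.7.1 to 2.7.2
FIXED = (2, 7, 3)                         # advisory: patch version 2.7.3


def parse_version(text):
    """Turn '2.7.2' into (2, 7, 2). Trailing non-numeric suffixes such as
    '-beta' are ignored; missing components are padded with zeros."""
    parts = []
    for piece in text.strip().split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            break
        parts.append(int(digits))
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def classify(version_text):
    """Return 'patched', 'vulnerable', or 'outside advisory range'."""
    v = parse_version(version_text)
    if v >= FIXED:
        return "patched"
    if v >= FIRST_VULNERABLE:
        return "vulnerable"
    # Older than 2.7.1: the advisory does not list these versions as affected.
    return "outside advisory range"


def installed_version(wp_path=None):
    """Ask wp-cli for the plugin version; returns None if wp-cli fails
    (plugin not installed, wrong path, wp-cli missing)."""
    cmd = ["wp", "plugin", "get", PLUGIN_SLUG, "--field=version"]
    if wp_path:
        cmd.append(f"--path={wp_path}")   # wp-cli's global --path option
    result = subprocess.run(cmd, capture_output=True, text=True, check=False)
    if result.returncode != 0:
        return None
    return result.stdout.strip()


if __name__ == "__main__":
    ver = installed_version()
    if ver is None:
        print("plugin not installed or wp-cli unavailable")
    else:
        print(f"{PLUGIN_SLUG} {ver}: {classify(ver)}")
```

Run it from the WordPress document root (or pass `wp_path`) on each site; anything reported as "vulnerable" should be updated to 2.7.3 or later, and "outside advisory range" is worth a manual look since the advisory only states the 2.7.1 to 2.7.2 range.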

📡 Detection & Monitoring

Log Indicators:

  • Unusual option changes in WordPress logs, especially to 'users_can_register' or 'default_role'.
  • Administrator account creation from non-admin users.

Network Indicators:

  • POST requests to /wp-admin/admin-ajax.php with action 'import_settings' from low-privilege users.

SIEM Query:

source="wordpress.log" AND ("users_can_register" OR "default_role" OR "import_settings")
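The log and network indicators above can be turned into concrete detection logic. The following is an added example, not tooling from the advisory or the plugin project. It scans two kinds of constructed input: web-server access-log lines in the common "combined" format, flagging POST requests to /wp-admin/admin-ajax.php whose action is import_settings (this assumes the action is visible in the query string, or that a WAF or application log records request bodies), and option-change audit records for users_can_register and default_role. WordPress core does not log option changes by itself, so the audit record format here is hypothetical and stands in for whatever an audit-log plugin or an update_option hook produces on your site.

```python
"""Detection helpers for CVE-2024-5324 indicators (added example; not the
advisory's or plugin's own code). Log formats: standard combined access log,
plus a hypothetical option-change audit record."""
import re
from urllib.parse import urlsplit, parse_qs

# Combined access-log format: ip - user [time] "METHOD path HTTP/x" status size ...
ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Hypothetical audit record (constructed format, assumed to come from an
# audit-log plugin): "<time> user=<login> role=<role> option=<name> old=<v> new=<v>"
AUDIT_RE = re.compile(
    r'^(?P<time>\S+) user=(?P<user>\S+) role=(?P<role>\S+) '
    r'option=(?P<option>\S+) old=(?P<old>\S*) new=(?P<new>\S*)$'
)

WATCHED_OPTIONS = {"users_can_register", "default_role"}   # from the advisory
PRIVILEGED_ROLES = {"administrator"}


def scan_access_log(lines):
    """Flag POST /wp-admin/admin-ajax.php?action=import_settings requests."""
    findings = []
    for line in lines:
        m = ACCESS_RE.match(line)
        if not m:
            continue                       # not a combined-format line
        url = urlsplit(m.group("path"))
        if url.path != "/wp-admin/admin-ajax.php" or m.group("method") != "POST":
            continue
        action = parse_qs(url.query).get("action", [""])[0]
        if action == "import_settings":
            findings.append({"kind": "ajax_import_settings", "ip": m.group("ip"),
                             "time": m.group("time"), "status": m.group("status")})
    return findings


def scan_option_audit(records):
    """Flag changes to registration/default-role options. Severity rises when
    the actor is not an administrator, and is critical when default_role is
    set to administrator (the worst case described in the advisory)."""
    findings = []
    for rec in records:
        m = AUDIT_RE.match(rec)
        if not m or m.group("option") not in WATCHED_OPTIONS:
            continue
        severity = "info" if m.group("role") in PRIVILEGED_ROLES else "high"
        if m.group("option") == "default_role" and m.group("new") == "administrator":
            severity = "critical"
        findings.append({"kind": "option_change", "severity": severity,
                         "user": m.group("user"), "role": m.group("role"),
                         "option": m.group("option"), "old": m.group("old"),
                         "new": m.group("new"), "time": m.group("time")})
    return findings


# Constructed sample input (documentation-range IPs, made-up users and times).
SAMPLE_ACCESS_LOG = [
    '203.0.113.7 - - [21/May/2024:10:01:02 +0000] "POST /wp-admin/admin-ajax.php?action=import_settings HTTP/1.1" 200 43 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [21/May/2024:10:01:05 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 12 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [21/May/2024:10:02:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]
SAMPLE_AUDIT_LOG = [
    "2024-05-21T10:01:02Z user=subscriber42 role=subscriber option=users_can_register old=0 new=1",
    "2024-05-21T10:01:03Z user=subscriber42 role=subscriber option=default_role old=subscriber new=administrator",
    "2024-05-21T09:00:00Z user=admin role=administrator option=blogdescription old=Just+another new=Hello",
    "2024-05-21T09:30:00Z user=admin role=administrator option=default_role old=subscriber new=subscriber",
]


if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_ACCESS_LOG) + scan_option_audit(SAMPLE_AUDIT_LOG):
        print(f)
```

On the constructed samples the access-log scan returns the single import_settings POST, and the audit scan returns three option changes: the subscriber enabling registration (high), the subscriber setting default_role to administrator (critical), and an administrator touching default_role without changing it (info). Correlating the ajax finding's IP and timestamp with the audit findings is what ties a low-privilege request to the option change.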
