Login Sign Up

CVE-2024-7063

4.3 MEDIUM

📋 TL;DR

The ElementsKit Pro WordPress plugin has a vulnerability that allows authenticated users with Contributor-level permissions or higher to access sensitive data including private, draft, and scheduled posts. This affects all WordPress sites using ElementsKit Pro version 3.6.6 or earlier. The exposure occurs through the 'render_raw' function which improperly handles access controls.

💻 Affected Systems

Products:
  • ElementsKit Pro WordPress Plugin
Versions: All versions up to and including 3.6.6
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with ElementsKit Pro plugin enabled. Vulnerability is present in default configuration.

📦 What is this software?

Elementskit by Wpmet

View all CVEs affecting Elementskit →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Malicious contributor-level users could extract all unpublished content including sensitive business information, embargoed announcements, or confidential draft documents before publication.

🟠

Likely Case

Disgruntled or compromised contributor accounts could access and leak unpublished content, potentially causing reputational damage or competitive intelligence loss.

🟢

If Mitigated

With proper user access controls and monitoring, the impact is limited to potential data exposure from compromised low-privilege accounts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access with at least Contributor-level permissions. The vulnerability is well-documented and simple to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.6.7 or later

Vendor Advisory: https://wpmet.com/plugin/elementskit/

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find ElementsKit Pro and click 'Update Now'. 4. Verify version is 3.6.7 or higher.

🔧 Temporary Workarounds

Temporary Plugin Deactivation

all

Disable ElementsKit Pro plugin until patched

wp plugin deactivate elementskit-pro

Restrict Contributor Access

all

Temporarily elevate all contributors to higher trust levels or restrict contributor account creation

🧯 If You Can't Patch

  • Review and audit all contributor-level user accounts for suspicious activity
  • Implement additional monitoring for access to unpublished content

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → ElementsKit Pro → Version. If version is 3.6.6 or lower, system is vulnerable.

Check Version:

wp plugin get elementskit-pro --field=version

Verify Fix Applied:

After updating, confirm version is 3.6.7 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual access patterns to unpublished posts by contributor-level users
  • Multiple failed attempts to access draft/private content

Network Indicators:

  • HTTP requests to /wp-admin/admin-ajax.php with action=render_raw parameters

SIEM Query:

source="wordpress.log" AND (action="render_raw" OR post_status="draft" OR post_status="private") AND user_role="contributor"

📊 Metadata

CVE ID: CVE-2024-7063
CVSS v3 Score: 4.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-200
Published: August 15, 2024
Last Updated: January 8, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-7063, you might also want to check these:

CVE-2025-61481 10.0

MikroTik RouterOS and SwOS expose their WebFig management interface over unencrypted HTTP by default...

Same vulnerability type (CWE-200)
CVE-2025-53624 10.0

The Docusaurus gists plugin versions before 4.0.0 expose GitHub Personal Access Tokens in client-sid...

Same vulnerability type (CWE-200)
CVE-2023-49103 10.0

This vulnerability in ownCloud's graphapi app exposes PHP configuration details (phpinfo) via a thir...

Same vulnerability type (CWE-200)