CVE-2024-9588
📋 TL;DR
This cross-site request forgery (CSRF) vulnerability in the Category and Taxonomy Meta Fields WordPress plugin (slug wp-custom-taxonomy-meta), versions up to and including 1.0.0, lets an attacker add or delete taxonomy meta fields without ever authenticating. The plugin does not validate a nonce on the state-changing request, so a forged form post from an attacker-controlled page is accepted as long as it is submitted by the browser of a logged-in administrator, for example after the administrator is tricked into clicking a link or visiting a page.
💻 Affected Systems
- WordPress Category and Taxonomy Meta Fields plugin
📦 What is this software?
A WordPress plugin that lets site administrators define additional meta fields on taxonomy terms (categories, tags and custom taxonomies). The affected component is the plugin's own option page, where those field definitions are added and deleted.
⚠️ Risk & Real-World Impact
Worst Case
Attackers could add or remove the meta field definitions that the site's theme and templates depend on, breaking content organization or page rendering across the site. Any impact beyond that depends on how the theme consumes those fields; the page does not document further consequences.
Likely Case
Attackers add or delete taxonomy meta fields, causing content display issues, SEO problems, or minor site functionality disruptions.
If Mitigated
With the nonce check introduced in 1.0.1 in place (or the plugin deactivated), a forged request fails validation and nothing is changed.
🎯 Exploit Status
CSRF attacks are well understood and trivial to weaponize: the attacker hosts a page with a form that auto-submits to the site's admin endpoint. The attacker needs no account of their own, but does need a logged-in administrator to load that page, so exploitation depends on social engineering.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.1
Patch Reference (plugin source at the fixed revision): https://plugins.trac.wordpress.org/browser/wp-custom-taxonomy-meta/trunk/includes/options.php?rev=1196908#L103
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Category and Taxonomy Meta Fields'.
4. Click 'Update Now' if available, or manually update to version 1.0.1 or later.
5. Verify the plugin is active and functioning.
🔧 Temporary Workarounds
Disable vulnerable plugin
Temporarily deactivate the plugin until it can be updated; existing taxonomy meta values stay in the database but are not displayed or editable while it is off.
wp plugin deactivate wp-custom-taxonomy-meta
Add CSRF protection middleware
Enforce nonce validation in front of the plugin's option handler (requires modifying or wrapping plugin code, so prefer updating to 1.0.1; this is what the official fix does).
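The following is an added illustration of the defect class and its fix, not the plugin's own code; the function names, the `taxmeta_fields` option and the form field names are assumptions chosen for the example. The vulnerable handler accepts any POST that reaches the admin page, which is exactly what a form on an attacker's site can produce while an administrator is logged in. The hardened handler requires a capability and a nonce bound to this action, which a cross-site form cannot obtain.

```php
<?php
// Added example for this advisory. NOT the code of wp-custom-taxonomy-meta.
// All names below (taxmeta_*, 'taxmeta_fields', 'field_name') are assumptions.

// --- Vulnerable pattern: state change with no nonce or capability check ---
function taxmeta_handle_vulnerable() {
    if ( ! isset( $_POST['taxmeta_action'], $_POST['field_name'] ) ) {
        return;
    }
    // Any POST that reaches this admin page is honoured, including one
    // auto-submitted by a page on another site while an admin is logged in.
    $field  = sanitize_key( wp_unslash( $_POST['field_name'] ) );
    $fields = get_option( 'taxmeta_fields', array() );
    if ( 'add' === $_POST['taxmeta_action'] ) {
        $fields[] = $field;
    } elseif ( 'delete' === $_POST['taxmeta_action'] ) {
        $fields = array_diff( $fields, array( $field ) );
    }
    update_option( 'taxmeta_fields', array_values( array_unique( $fields ) ) );
}

// --- Hardened pattern: the form carries a nonce, the handler verifies it ---
function taxmeta_render_form() {
    ?>
    <form method="post">
        <?php wp_nonce_field( 'taxmeta_update', 'taxmeta_nonce' ); ?>
        <input type="text" name="field_name">
        <button name="taxmeta_action" value="add">Add</button>
        <button name="taxmeta_action" value="delete">Delete</button>
    </form>
    <?php
}

function taxmeta_handle_hardened() {
    if ( ! isset( $_POST['taxmeta_action'], $_POST['field_name'] ) ) {
        return;
    }
    // 1. Authorization: only users who may manage options can edit the list.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 'Forbidden', array( 'response' => 403 ) );
    }
    // 2. CSRF defence: the nonce is tied to this user, this action and a
    //    time window. A forged cross-site form cannot supply a valid one;
    //    check_admin_referer() terminates the request on failure.
    check_admin_referer( 'taxmeta_update', 'taxmeta_nonce' );

    $field = sanitize_key( wp_unslash( $_POST['field_name'] ) );
    if ( '' === $field ) {
        return;
    }
    $fields = get_option( 'taxmeta_fields', array() );
    if ( 'add' === $_POST['taxmeta_action'] ) {
        $fields[] = $field;
    } elseif ( 'delete' === $_POST['taxmeta_action'] ) {
        $fields = array_diff( $fields, array( $field ) );
    }
    update_option( 'taxmeta_fields', array_values( array_unique( $fields ) ) );
}
```

The capability check alone would not have prevented this CVE: the victim administrator does have `manage_options`, so the forged request passes it. Only the nonce distinguishes a request the administrator intended from one their browser was tricked into sending.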
🧯 If You Can't Patch
- Do not rely on Content Security Policy: CSP on your site controls what your own pages load and where they may submit, not what an attacker's page submits to you, so it does not stop this attack. Instead restrict who can reach wp-admin at all (IP allow-list or HTTP authentication in front of /wp-admin/) and reject POST requests to the admin area whose browser-supplied Sec-Fetch-Site header is cross-site or whose Origin header does not match the site.
- Educate administrators not to follow untrusted links while logged in and to log out of wp-admin when not in use. Multi-factor authentication does not stop CSRF, because the forged request rides a session that is already authenticated.
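One way to reject cross-site admin POSTs without touching the plugin is a must-use plugin that checks the browser's Fetch Metadata header and falls back to Origin/Referer for clients that do not send it. This is an added example written for this advisory, not code from the plugin or from WordPress; it assumes the site is served from the host that home_url() reports, and it is defence in depth, not a replacement for updating to 1.0.1.

```php
<?php
/**
 * Plugin Name: Reject cross-site admin POSTs (added example, not part of the plugin)
 *
 * Install by copying into wp-content/mu-plugins/ (must-use plugins load
 * automatically and cannot be deactivated from the dashboard).
 */

/**
 * Decide whether a POST to the admin area should be refused.
 * Factored out so it can be reasoned about without a live request.
 *
 * @param string $sec_fetch_site Value of the Sec-Fetch-Site header, '' if absent.
 * @param string $source_url     Origin or Referer header value, '' if absent.
 * @param string $site_host      Host name this site is served from.
 * @return bool True when the request should be rejected.
 */
function csadmin_should_reject( $sec_fetch_site, $source_url, $site_host ) {
    $site = strtolower( trim( $sec_fetch_site ) );
    // Modern browsers set this header and it cannot be forged from a page:
    // a form auto-submitted from attacker.example arrives as 'cross-site'.
    if ( 'cross-site' === $site ) {
        return true;
    }
    if ( '' !== $site ) {
        // 'same-origin', 'same-site' or 'none' (typed URL / bookmark).
        return false;
    }
    // Older clients send no Fetch Metadata; compare Origin/Referer host instead.
    // If neither header is present we fail open: such a client is not a
    // browser carrying the victim's cookie, and nonce checks still apply.
    if ( '' === $source_url ) {
        return false;
    }
    $host = wp_parse_url( $source_url, PHP_URL_HOST );
    return $host && $site_host && 0 !== strcasecmp( $host, $site_host );
}

add_action( 'init', function () {
    $method = isset( $_SERVER['REQUEST_METHOD'] ) ? $_SERVER['REQUEST_METHOD'] : '';
    // is_admin() is true for wp-admin/*.php including admin-ajax.php.
    if ( 'POST' !== $method || ! is_admin() ) {
        return;
    }
    $sec_fetch_site = isset( $_SERVER['HTTP_SEC_FETCH_SITE'] ) ? $_SERVER['HTTP_SEC_FETCH_SITE'] : '';
    $source_url     = isset( $_SERVER['HTTP_ORIGIN'] ) ? $_SERVER['HTTP_ORIGIN']
                    : ( isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '' );
    $site_host      = (string) wp_parse_url( home_url(), PHP_URL_HOST );

    if ( csadmin_should_reject( $sec_fetch_site, $source_url, $site_host ) ) {
        // Log enough to investigate (source host, target) without the body.
        error_log( sprintf(
            'Rejected cross-site admin POST to %s from %s',
            isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '?',
            '' !== $source_url ? $source_url : 'sec-fetch-site=' . $sec_fetch_site
        ) );
        wp_die( 'Cross-site request to the admin area rejected.', 'Forbidden', array( 'response' => 403 ) );
    }
}, 0 );
```

Hook priority 0 on `init` runs before admin menus and plugin option pages are processed, so the vulnerable handler never sees the forged request. If the site legitimately receives admin POSTs from another origin (an external build system posting to admin-ajax.php, for instance), add that origin's host to an allow-list in `csadmin_should_reject()` rather than disabling the check.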
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Category and Taxonomy Meta Fields > Version. If version is 1.0.0 or lower, you are vulnerable.
Check Version:
wp plugin get wp-custom-taxonomy-meta --field=version
Verify Fix Applied:
Verify plugin version is 1.0.1 or higher in WordPress admin panel. Test taxonomy meta functionality remains working.
📡 Detection & Monitoring
Log Indicators:
- POST requests to the plugin's option handler (the page names action=wpaft_option_page on wp-admin/admin-ajax.php; confirm the exact endpoint and parameters against the plugin source linked above, since an option page may be served by a different wp-admin script)
- Multiple taxonomy meta changes from single admin session
Network Indicators:
- POST requests to admin endpoints whose Origin or Referer header names a foreign site, or whose Sec-Fetch-Site header is cross-site. Note that a forged request still carries the victim's valid session cookie, so source IP and user identity look legitimate; the request headers and the absence of a preceding admin page load are the distinguishing signals.
SIEM Query:
source="wordpress" AND (uri_path="/wp-admin/admin-ajax.php" AND parameters.action="wpaft_option_page")
(The query assumes a parsed-field schema; adapt the field names to your log pipeline and, if the plugin's handler turns out to live on another wp-admin script, the uri_path as well.)