CVE-2024-9702

6.4 MEDIUM

📋 TL;DR

This is a stored cross-site scripting (XSS) vulnerability. Authenticated WordPress users with the Contributor role or higher can place the Social Rocket plugin's 'socialrocket-floating' shortcode in post or page content with attribute values that the plugin neither sanitizes on input nor escapes on output, so attacker-controlled script is stored and rendered as part of the page. It executes in the browser of anyone who views the page, including editors and administrators who preview or review the post, and runs with that viewer's session. All WordPress sites running Social Rocket versions up to and including 1.3.4 are affected.
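The pattern behind this bug class, shown as an added illustration for this page (hypothetical handler code, not Social Rocket's source; the attribute names 'position' and 'label' are assumed): a shortcode callback that concatenates attribute values straight into HTML, beside the escaped form. It also shows why the Contributor role is enough. WordPress's kses filter strips disallowed HTML from a Contributor's post, but text inside [...] shortcode brackets is not an HTML tag, so a value that breaks out of a quoted attribute survives saving and only becomes markup when the shortcode renders.

```php
<?php
// Added illustration of the bug class (stored XSS via shortcode attributes).
// Hypothetical handler written for this page; not Social Rocket's code. The
// attribute names 'position' and 'label' are assumed.

// VULNERABLE: attribute values from post content are concatenated into markup.
// A Contributor who saves
//   [socialrocket-floating position='" onmouseover="alert(document.domain)']
// gets data-position="" onmouseover="alert(document.domain)" in the rendered page.
// WordPress's shortcode parser allows a double quote inside a single-quoted value,
// and kses leaves the text alone because it is not an HTML tag.
function sr_floating_vulnerable( $atts ) {
    $atts = shortcode_atts(
        array( 'position' => 'left', 'label' => 'Share' ),
        $atts,
        'socialrocket-floating'
    );
    return '<div class="sr-floating" data-position="' . $atts['position'] . '">'
        . $atts['label'] . '</div>';
}

// HARDENED: validate enumerated values against an allow-list and escape every
// value for the context it lands in (esc_attr inside attributes, esc_html in text).
function sr_floating_hardened( $atts ) {
    $atts = shortcode_atts(
        array( 'position' => 'left', 'label' => 'Share' ),
        $atts,
        'socialrocket-floating'
    );
    $position = in_array( $atts['position'], array( 'left', 'right' ), true )
        ? $atts['position']
        : 'left';
    return '<div class="sr-floating" data-position="' . esc_attr( $position ) . '">'
        . esc_html( $atts['label'] ) . '</div>';
}

add_shortcode( 'socialrocket-floating', 'sr_floating_hardened' );
```

The allow-list matters as much as the escaping: esc_attr() stops the quote break-out, but a value like javascript: in an attribute that later ends up in an href or onclick would still need context-specific handling, which is why enumerated options are checked against fixed values first.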

💻 Affected Systems

Products:
  • Social Rocket – Social Sharing Plugin for WordPress
Versions: All versions up to and including 1.3.4
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Social Rocket plugin enabled and at least one user with contributor-level permissions.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

A script executing in an administrator's browser (for example when the admin previews or reviews a pending Contributor post) runs with the admin's session and can drive wp-admin to create a new administrator account, edit theme files or install a plugin, so the realistic worst case is complete site compromise. Public visitors can be redirected to malicious sites and pages defaced along the way.

🟠

Likely Case

Attackers inject JavaScript that redirects visitors to phishing pages, injects ads or SEO spam, or performs actions on behalf of logged-in users who view the page. WordPress sets its authentication cookies with the HttpOnly flag, so reading document.cookie is not the usual theft path; riding the victim's existing session (making authenticated requests from their browser) is.

🟢

If Mitigated

With strict role hygiene (no untrusted Contributor or Author accounts) and a Content Security Policy that forbids inline script, impact is limited to defacement or minor content manipulation on the affected pages.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires an authenticated account with at least the Contributor role. Contributors cannot publish, but the payload does not need to be published: it fires when an editor or administrator previews or reviews the pending post, and for every visitor once the post is live. The shortcode-attribute injection technique is well documented in security advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.3.5 or later

Vendor Advisory: https://wordpress.org/plugins/social-rocket/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the Social Rocket plugin.
4. Click 'Update Now' if an update is available.
5. If no update appears, manually download version 1.3.5 or later from WordPress.org and replace the plugin files.

🔧 Temporary Workarounds

Workaround 1: Disable the vulnerable shortcode
Applies to: all

Unregister the 'socialrocket-floating' shortcode so the plugin's handler never renders attacker-controlled attribute values.

Call remove_shortcode('socialrocket-floating') from a hook that runs after the plugin has registered the shortcode, for example add_action('init', ..., PHP_INT_MAX). Plugins that register shortcodes on 'init' (the common pattern) do so after the theme's functions.php has already been loaded, so a bare remove_shortcode() call at the top level of functions.php can run before the shortcode exists and silently do nothing.
Prefer a must-use plugin in wp-content/mu-plugins/ over the theme's functions.php so the workaround survives theme updates and theme switches.
The injected shortcode lives in post and page content, not in theme files: review existing Contributor-authored posts, including pending drafts, for the tag rather than editing the theme.

Workaround 2: Restrict user permissions
Applies to: all

Temporarily stop untrusted users from saving post content until the plugin is patched.

Navigate to Users → All Users in WordPress admin.
Downgrade untrusted Contributor (and Author) accounts to Subscriber, which cannot create posts, rather than deleting them. On a single-site install, Editors and Administrators already hold the unfiltered_html capability and can place script in posts by design, so they are not the accounts this bug changes anything for.
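Both the shortcode workaround and the version check from the verification section, combined into one must-use plugin. This is added example code for this page, not Social Rocket's or WordPress's own; it assumes the plugin's main file is social-rocket/social-rocket.php (the WordPress.org slug) and that 1.3.5 is the first fixed release, as stated above. It hooks 'init' at the lowest priority so it runs after the plugin has registered its shortcode, and it steps aside on its own once a fixed version is installed, so it can be left in place across the upgrade.

```php
<?php
/**
 * Plugin Name: Disable socialrocket-floating shortcode (CVE-2024-9702 workaround)
 * Description: Drop into wp-content/mu-plugins/. Loads before themes and plugins
 *              and cannot be deactivated from the admin UI. Becomes a no-op once
 *              Social Rocket 1.3.5 or later is installed.
 */

// Added example for this page, not code from Social Rocket. The plugin file path
// below is an assumption based on the WordPress.org slug; adjust if yours differs.
define( 'SR_WORKAROUND_PLUGIN_FILE', 'social-rocket/social-rocket.php' );
define( 'SR_WORKAROUND_FIXED_VERSION', '1.3.5' );

/**
 * True when the installed Social Rocket is still in the affected range (<= 1.3.4).
 * Reads the version from the plugin header, the same value the Plugins screen and
 * `wp plugin list --field=version` show. An absent or unreadable plugin is treated
 * as affected so the shortcode stays disabled until a human confirms otherwise.
 */
function sr_workaround_is_affected() {
    if ( ! function_exists( 'get_plugin_data' ) ) {
        require_once ABSPATH . 'wp-admin/includes/plugin.php';
    }
    $file = WP_PLUGIN_DIR . '/' . SR_WORKAROUND_PLUGIN_FILE;
    if ( ! file_exists( $file ) ) {
        return true;
    }
    $data      = get_plugin_data( $file, false, false );
    $installed = isset( $data['Version'] ) ? $data['Version'] : '0';
    // version_compare() handles "1.3.10" vs "1.3.4" correctly; string comparison does not.
    return version_compare( $installed, SR_WORKAROUND_FIXED_VERSION, '<' );
}

// Shortcodes are normally registered by the plugin on 'init'. Unregistering from a
// later priority on the same hook guarantees our remove_shortcode() runs afterwards;
// a top-level call in functions.php would execute too early and do nothing.
add_action( 'init', function () {
    if ( ! sr_workaround_is_affected() ) {
        return; // patched version installed: leave the plugin's shortcode alone
    }
    remove_shortcode( 'socialrocket-floating' );
    // Re-register the tag as a no-op so the raw "[socialrocket-floating ...]" text,
    // including any injected attribute values, is not shown to visitors.
    add_shortcode( 'socialrocket-floating', '__return_empty_string' );
}, PHP_INT_MAX );
```

After deploying, confirm the ordering on your install by viewing a page that uses the shortcode: the floating share bar should disappear. If it still renders, the plugin registers the shortcode from a hook other than 'init' and the add_action() call needs to target that hook instead.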

🧯 If You Can't Patch

  • Serve a Content Security Policy that disallows inline script (no 'unsafe-inline'; use nonces or hashes). Many WordPress themes and plugins depend on inline scripts, so roll it out in report-only mode first; a policy that still permits 'unsafe-inline' does nothing against this bug.
  • Regularly audit user accounts and remove unnecessary Contributor- and Author-level permissions.
  • Search existing post and page content, including pending drafts, for 'socialrocket-floating' tags whose attribute values contain HTML or script fragments, and clean them up.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Installed Plugins for Social Rocket version. If version is 1.3.4 or lower, system is vulnerable.

Check Version:

wp plugin list --name=social-rocket --field=version (if WP-CLI installed)

Verify Fix Applied:

After updating, verify Social Rocket plugin shows version 1.3.5 or higher in WordPress plugins list.

📡 Detection & Monitoring

Log Indicators:

  • Unusual shortcode modifications in post/page revisions
  • Multiple failed login attempts followed by successful contributor login
  • Posts/pages containing unusual script tags or encoded JavaScript

Network Indicators:

  • Unexpected external JavaScript loads from post content
  • Suspicious outbound connections after page views

SIEM Query (template):

source="wordpress" AND (event="post_modified" OR event="shortcode_used") AND plugin="social-rocket" AND version<="1.3.4"

Stock WordPress does not write post-modification or shortcode events to any log; the event, plugin and version fields above assume an activity-log plugin forwarding to the SIEM, so map them to the field names your log source actually produces. A plain string comparison on version also sorts "1.3.10" before "1.3.4"; use a numeric version comparison where the SIEM supports one.
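Because nothing in core logs shortcode use, the reliable detection source is the content itself. The following is an added example for this page (not from Social Rocket or WordPress): a stand-alone PHP scanner that finds every 'socialrocket-floating' tag in a set of post bodies and flags attribute values that look like injection rather than configuration, which is the "posts containing unusual script tags or encoded JavaScript" indicator above made concrete. Feed it rows of ID, post_author and post_content from wp_posts (a dump, or `wp db query` output); the sample rows embedded here are constructed, and the attribute names in them are assumed.

```php
<?php
// Added detection example for this page; not code from Social Rocket or WordPress.
// Runs without WordPress: php scan.php

/**
 * Find every [socialrocket-floating ...] tag in one post body and return the
 * attributes whose values look like HTML/JS injection. Entity-encoded values are
 * decoded first so "&lt;img ...&gt;" stored in the database is still caught.
 */
function sr_scan_post_content( $content ) {
    $findings = array();
    if ( ! preg_match_all( '/\[socialrocket-floating(\s[^\]]*)?\]/i', $content, $tags, PREG_SET_ORDER ) ) {
        return $findings;
    }
    foreach ( $tags as $tag ) {
        $raw     = isset( $tag[1] ) ? $tag[1] : '';
        $decoded = html_entity_decode( $raw, ENT_QUOTES | ENT_HTML5, 'UTF-8' );
        foreach ( sr_parse_atts( $decoded ) as $name => $value ) {
            if ( sr_value_is_suspicious( $value ) ) {
                $findings[] = array( 'tag' => $tag[0], 'attr' => $name, 'value' => $value );
            }
        }
    }
    return $findings;
}

/** Minimal attribute parser for name="v", name='v' and name=v forms. */
function sr_parse_atts( $raw ) {
    $atts = array();
    preg_match_all( '/(\w+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|(\S+))/', $raw, $m, PREG_SET_ORDER );
    foreach ( $m as $a ) {
        $value = '';
        for ( $i = 2; $i <= 4; $i++ ) {            // first non-empty capture wins
            if ( isset( $a[ $i ] ) && $a[ $i ] !== '' ) {
                $value = $a[ $i ];
                break;
            }
        }
        $atts[ strtolower( $a[1] ) ] = $value;
    }
    return $atts;
}

/** Heuristics for a value that is trying to become markup or script. */
function sr_value_is_suspicious( $value ) {
    $patterns = array(
        '/<\s*\/?\s*[a-z]/i',       // start of an HTML tag: <script, <img, </div
        '/\bon\w+\s*=/i',           // event handler attribute, incl. quote break-outs: " onmouseover=
        '/javascript\s*:/i',        // javascript: URL
        '/data\s*:\s*text\/html/i', // data:text/html URL
    );
    foreach ( $patterns as $p ) {
        if ( preg_match( $p, $value ) ) {
            return true;
        }
    }
    return false;
}

/** Scan many rows and annotate each finding with the post and its author. */
function sr_scan_posts( array $posts ) {
    $report = array();
    foreach ( $posts as $post ) {
        foreach ( sr_scan_post_content( $post['post_content'] ) as $f ) {
            $f['post_id'] = $post['ID'];
            $f['author']  = $post['post_author'];
            $report[]     = $f;
        }
    }
    return $report;
}

// Constructed sample rows (not real site data). Attribute names are assumed.
$sample_posts = array(
    array( 'ID' => 101, 'post_author' => 4, 'post_content' => 'Benign use: [socialrocket-floating position="left"]' ),
    array( 'ID' => 102, 'post_author' => 7, 'post_content' => 'Pending draft [socialrocket-floating position=\'" onmouseover="alert(document.domain)\'] text' ),
    array( 'ID' => 103, 'post_author' => 7, 'post_content' => 'Encoded: [socialrocket-floating label="&lt;img src=x onerror=alert(1)&gt;"]' ),
);

// Posts 102 and 103 are reported; post 101 is not.
foreach ( sr_scan_posts( $sample_posts ) as $f ) {
    printf( "post %d (author %d): attribute %s = %s\n", $f['post_id'], $f['author'], $f['attr'], $f['value'] );
}
```

Group the output by author: a single account that owns every flagged post is the compromised or malicious Contributor, and its login history is what to pull next for the "failed logins followed by a successful Contributor login" indicator above.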

🔗 References