Platform
wordpress
Component
flashnews-fading-effect-pearlbells
Fixed in
4.1.1
CVE-2024-56012 describes a Cross-Site Request Forgery (CSRF) vulnerability affecting Pearlbells Flash News / Post (Responsive) and Pearlbells Post Title (TypeWriter) WordPress plugins. This vulnerability allows an attacker to perform unauthorized actions on a user's account without their knowledge. Versions of the plugins up to and including 4.1 are affected, and a patch is available in version 4.1.1.
The CSRF vulnerability allows an attacker to trick a legitimate user into unknowingly executing malicious actions on a WordPress site. For example, an attacker could craft a malicious link or embed it in a website that, when clicked by an authenticated user, could modify plugin settings, create or delete posts, or perform other administrative actions. This could lead to unauthorized content publication, website defacement, or even complete compromise of the WordPress installation, depending on the permissions associated with the affected user. The CRITICAL CVSS score reflects the ease of exploitation and the potential for significant impact.
This vulnerability was publicly disclosed on December 16, 2024. There is currently no indication of active exploitation in the wild, but the ease of exploitation and the CRITICAL severity rating warrant immediate attention. No Proof of Concept (PoC) code has been publicly released as of this writing. It is not listed on the CISA KEV catalog.
Exploit Status
EPSS
0.13% (32% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-56012 is to immediately upgrade Pearlbells Flash News / Post (Responsive) and Pearlbells Post Title (TypeWriter) plugins to version 4.1.1 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to filter out suspicious requests containing CSRF tokens. WordPress plugins like Wordfence can help with this. Additionally, ensure users are educated about the risks of clicking on untrusted links and entering credentials on unfamiliar websites. After upgrading, verify the fix by attempting to trigger a plugin action via a crafted CSRF request and confirming that it fails.
Update the Flash News / Post (Responsive) plugin to a version later than 4.1. If no version is available, consider disabling or removing the plugin until an update is released that fixes the CSRF vulnerability. This will prevent attackers from exploiting the vulnerability to escalate privileges.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-56012 is a critical Cross-Site Request Forgery (CSRF) vulnerability affecting Pearlbells Flash News / Post (Responsive) and Post Title (TypeWriter) WordPress plugins, allowing attackers to perform unauthorized actions.
Yes, if you are using Pearlbells Flash News / Post (Responsive) or Post Title (TypeWriter) versions 4.1 or earlier, you are vulnerable to this CSRF attack.
Upgrade Pearlbells Flash News / Post (Responsive) and Post Title (TypeWriter) plugins to version 4.1.1 or later to resolve the vulnerability. Consider WAF rules as a temporary mitigation.
There is currently no confirmed active exploitation of CVE-2024-56012, but the CRITICAL severity warrants immediate patching.
Please refer to the Pearlbells website or WordPress plugin repository for the latest advisory and update information regarding CVE-2024-56012.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.