CVE-2024-5324

Severity: HIGH · Status: EXPLOITED

WordPress Login/Signup Popup <2.7.2 - Info Disclosure

Title source: llm

Exploitation Summary

CVE-2024-5324 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including RandomRobbieBF.

AI-analyzed exploit summary: This PoC exploits CVE-2024-5324, a missing authorization vulnerability in the Login/Signup Popup WordPress plugin (versions 2.7.1-2.7.2), allowing authenticated attackers to modify arbitrary options, such as enabling user registration with administrator privileges.

Description

Multiple plugins for WordPress utilizing the XootiX Framework are vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator.

Exploits (1)

nomisec · Working PoC · 1 star
by RandomRobbieBF · remote
https://github.com/RandomRobbieBF/CVE-2024-5324

Classification: Working PoC (95%)
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Login/Signup Popup (Inline Form + Woocommerce) WordPress plugin versions 2.7.1-2.7.2
Authentication: required
Prerequisites: Valid WordPress credentials (Subscriber-level or higher) · Target plugin version 2.7.1 or 2.7.2
Analyzed by devstral-2 on Feb 16, 2026

Scores

CVSS v3: 8.8
EPSS: 0.0151
EPSS Percentile: 71.0%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC (Vulnrichment)

Exploitation: none
Automatable: no
Technical Impact: total

Details

VulnCheck KEV: 2024-06-05
CWE: CWE-862, CWE-863
Status: published
Products (9):
xootix/Login & Register Customizer – Popup | Slider | Inline | WooCommerce 2.7.1 - 2.7.2
xootix/login/signup_popup 2.7.1
xootix/login/signup_popup 2.7.2
xootix/OTP Login & Register Woocommerce < 2.6.1
xootix/otp_login_woocommerce_&_gravity_forms < 2.6.2
xootix/Side Cart Woocommerce | Woocommerce Cart 2.5
xootix/side_cart_woocommerce 2.5
xootix/Waitlist Woocommerce ( Back in stock notifier ) < 2.6
xootix/waitlist_woocommerce < 2.6.1
Published: Jun 06, 2024
Tracked Since: Feb 18, 2026