CVE-2024-56289

HIGH

Groundhogg <= 3.7.3.3 - Reflected Cross-Site Scripting

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-56289. PoCs published by DoTTak.

AI-analyzed exploit summary: This repository provides a detailed writeup and proof-of-concept for CVE-2024-56289, a reflected XSS vulnerability in the Groundhogg WordPress plugin. The vulnerability arises from insufficient input validation and escape processing of URL parameters in the plugin's dashboard search filtering functionality.

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Tobey Groundhogg groundhogg allows Reflected XSS. This issue affects Groundhogg: from n/a through <= 3.7.3.3.

Exploits (1)

nomisec WRITEUP
by DoTTak · poc
https://github.com/DoTTak/CVE-2024-56289

Classification
Writeup 100%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Groundhogg WordPress plugin <= 3.7.3.2
No auth needed
Prerequisites: WordPress site with Groundhogg plugin <= 3.7.3.2 activated · Permalink set to 'Post name'
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 7.1
EPSS 0.0067
EPSS Percentile 47.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (2)
Adrian Tobey/Groundhogg < 3.7.3.3
Groundhogg Inc./Groundhogg < 3.7.3.3
Published Jan 07, 2025
Tracked Since Feb 18, 2026