CVE-2024-8252

HIGH NUCLEI

Clean Login <1.14.5 - Code Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-8252. PoCs published by certuscyber. A Nuclei detection template is also available.

AI-analyzed exploit summary The repository contains functional exploit code for multiple WordPress plugin vulnerabilities, including SQL injection (CVE-2014-5182, CVE-2014-5185) and insecure deserialization (CVE-2020-29045). Each PoC includes detailed steps, authentication handling, and payload delivery.

Description

The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

Exploits (1)

github WORKING POC 3 stars

by certuscyber · pythonpoc

https://github.com/certuscyber/cve-pocs/tree/main/CVE-2024-8252

View Code ZIP pw:eip

The repository contains functional exploit code for multiple WordPress plugin vulnerabilities, including SQL injection (CVE-2014-5182, CVE-2014-5185) and insecure deserialization (CVE-2020-29045). Each PoC includes detailed steps, authentication handling, and payload delivery.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: WordPress YAWPP plugin <= 1.2, WordPress Quartz plugin <= 1.01.1

Auth required

Prerequisites: WordPress admin/contributor credentials · vulnerable plugin installed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 27, 2026 Full analysis →

Nuclei Templates (1)

WordPress Clean Login <= 1.14.5 Authenticated (Contributor+) - Local File Inclusion

HIGHVERIFIEDby pussycat0x

Shodan: http.component:"WordPress"

References (4)

Core 4

Core References

Product

https://plugins.trac.wordpress.org/browser/clean-login/tags/1.14.5/include/frontend.php#L20

Product

https://plugins.trac.wordpress.org/browser/clean-login/tags/1.14.5/include/shortcodes.php#L146

Patch

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3143241%40clean-login&new=3143241%40clean-login&sfp_email=&sfph_mail=

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/b9f99b51-e1b1-4cd3-a9f7-24e4b59811a7?source=cve

Scores

CVSS v3 8.8

EPSS 0.0303

EPSS Percentile 85.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-829 CWE-98

Status published

Products (2)

codection/clean_login < 1.14.6

hornero/Clean Login < 1.14.5

Published Aug 30, 2024

Tracked Since Feb 18, 2026