CVE-2024-1380 — AI Deep Analysis Summary

🚨 **Essence**: A critical authorization flaw in the Relevanssi plugin. 📉 **Consequences**: Unauthenticated attackers can export sensitive query logs, exposing user search history and potential internal data structures.…

🛡️ **Root Cause**: **CWE-862** (Missing Authorization). The function `relevanssi_export_log_check()` lacks a proper capability check.…

📦 **Affected**: WordPress Plugin **Relevanssi** (Premium & Free). 📅 **Versions**: 4.22.0 and earlier. If you are running any version ≤ 4.22.0, you are vulnerable! ⚠️

💻 **Attacker Actions**: Export the **Query Log Data**. 🕵️‍♂️ This includes search terms entered by users, which can reveal sensitive business logic, internal page structures, or personal user data. No login required!

🔓 **Exploitation Threshold**: **LOW**. ⚡ **Auth**: None required (Unauthenticated). 🌐 **Network**: Remote (AV:N). 🖱️ **UI**: None needed. It’s a simple API call away for any attacker on the internet.

💥 **Public Exploit**: **YES**. 📂 PoC available on GitHub (RandomRobbieBF) and Nuclei templates. 🚀 Wild exploitation is highly likely since the mechanism is straightforward and documented.

🔍 **Self-Check**: Scan for the Relevanssi plugin version. 🧪 Use Nuclei templates (`CVE-2024-1380.yaml`) to test for the missing authorization on the export endpoint.…

🔧 **Official Fix**: The vendor has acknowledged the issue. 📢 They indicated they may add a capability check. 🔄 **Action**: Update to the latest version immediately if a patch is released.…

🚧 **No Patch?**: Disable the **Log Export** feature if possible. 🚫 Restrict access to the WordPress admin area via IP whitelisting. 🛡️ Use a WAF to block requests to the specific export endpoint.…

🔥 **Urgency**: **HIGH**. 🚨 CVSS Score: **5.3** (Medium) but impact is high due to unauthenticated access. 📉 Data privacy risk is significant. Patch immediately or apply mitigations to prevent data leakage!