CVE-2024-0700 in Simple Tweet Plugininfo

Summary

by MITRE • 03/13/2024

The Simple Tweet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tweet this text value in all versions up to, and including, 1.4.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 04/12/2026

The Simple Tweet plugin for WordPress represents a critical security vulnerability classified as CVE-2024-0700, which manifests as a stored cross-site scripting flaw affecting versions up to and including 1.4.0.2. This vulnerability resides within the plugin's handling of the Tweet this text value parameter, creating a persistent security risk that can be exploited by authenticated attackers possessing author-level privileges or higher. The flaw stems from inadequate input sanitization mechanisms and insufficient output escaping procedures that fail to properly validate or encode user-supplied data before it is stored in the database and subsequently rendered in web pages.

The technical exploitation of this vulnerability occurs through a stored XSS vector where malicious scripts are injected into the Tweet this text field and subsequently stored within the WordPress database. When legitimate users access pages containing the compromised content, their browsers execute the injected malicious code within their browser context, potentially leading to session hijacking, credential theft, or redirection to malicious sites. This vulnerability operates at the intersection of CWE-79, which defines cross-site scripting as a weakness in input validation and output encoding, and represents a classic case of persistent XSS where the malicious payload is stored server-side rather than reflected from the request.

The operational impact of CVE-2024-0700 extends beyond simple script execution as it provides attackers with a foothold for more sophisticated attacks within the WordPress environment. Authorized users with author-level access can leverage this vulnerability to compromise other users' sessions, potentially escalating privileges or accessing restricted content. The attack vector is particularly concerning because it requires minimal privileges and can affect any user who views pages containing the malicious tweet content, making it a significant risk to blog administrators and content creators who may not immediately notice the injection. This vulnerability aligns with ATT&CK technique T1566.001 for credential access through phishing and T1059.001 for command and control through script injection.

Mitigation strategies for this vulnerability must address both immediate remediation and long-term security hardening measures. The primary recommendation involves updating to the latest version of the Simple Tweet plugin where the input sanitization and output escaping issues have been resolved. Administrators should also implement additional security measures such as restricting user privileges to the minimum necessary access levels, implementing content security policies to prevent script execution, and conducting regular security audits of installed plugins. The vulnerability highlights the importance of proper input validation and output encoding practices, which are fundamental to preventing XSS attacks according to OWASP top ten security principles and should be enforced through proper code review processes and automated security scanning tools.

Responsible

Wordfence

Reservation

01/18/2024

Disclosure

03/13/2024

Moderation

accepted

CPE

ready

EPSS

0.00532

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!