CVE-2024-3597 in Export WP Page to Static HTML-CSS Plugin
Summary
by MITRE • 06/20/2024
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.2.2. This is due to insufficient validation on the redirect url supplied via the rc_exported_zip_file parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 03/22/2025
The CVE-2024-3597 vulnerability affects the Export WP Page to Static HTML/CSS plugin for WordPress, a widely used tool for converting WordPress pages into static HTML files. This plugin enables users to export their WordPress content into static web pages, which is particularly useful for performance optimization and content migration purposes. The vulnerability exists in all versions up to and including 2.2.2, making it a significant security concern for WordPress administrators who rely on this plugin for their website operations. The issue stems from improper input validation within the plugin's redirect functionality, creating a pathway for attackers to manipulate the redirection behavior.
The technical flaw manifests through insufficient validation of the redirect URL parameter named rc_exported_zip_file. When users interact with the plugin's export functionality, the system accepts a redirect parameter that should control where users are sent after the export process completes. However, the plugin fails to properly sanitize or validate this parameter, allowing attackers to inject arbitrary URLs into the redirect mechanism. This creates an open redirect vulnerability where an attacker can specify any URL they choose, potentially directing users to malicious sites. The vulnerability is particularly dangerous because it affects unauthenticated users, meaning no login credentials or administrative privileges are required to exploit it.
The operational impact of this vulnerability is substantial for WordPress website owners and administrators. An attacker could craft malicious links that appear legitimate but redirect users to phishing sites, malware distribution points, or other malicious destinations. This opens the door for various attack vectors including credential theft, malware infection, and social engineering campaigns. The vulnerability is especially concerning in environments where WordPress plugins are frequently used for content management, as the attack surface expands to include any user who interacts with the exported content functionality. The open redirect mechanism could be exploited in phishing campaigns where users are tricked into clicking links that appear to be legitimate WordPress export operations, making the attack more convincing and harder to detect.
Mitigation strategies for this vulnerability should focus on immediate remediation and ongoing security monitoring. The primary solution involves updating to the latest version of the Export WP Page to Static HTML/CSS plugin where the vulnerability has been addressed through proper input validation and sanitization of redirect parameters. Administrators should also implement additional security measures such as monitoring for suspicious redirect patterns in web server logs and implementing web application firewalls that can detect and block malicious redirect attempts. The vulnerability aligns with CWE-601 Open Redirect vulnerability classification, which specifically addresses the risk of redirecting users to untrusted websites. From an ATT&CK framework perspective, this vulnerability maps to techniques involving social engineering and initial access through malicious links, potentially enabling further compromise of the affected systems. Organizations should also consider implementing Content Security Policy headers and other browser-based security measures to provide additional protection against open redirect attacks.