CVE-2024-8050 in Custom Author Base Plugin
Summary
by MITRE • 05/16/2025
The Custom Author Base WordPress plugin through 1.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 06/13/2025
The CVE-2024-8050 vulnerability affects the Custom Author Base WordPress plugin version 1.1.1 and earlier, representing a critical security flaw that undermines the integrity of administrative configurations. This issue stems from the absence of Cross-Site Request Forgery (CSRF) protection mechanisms within the plugin's settings update functionality, creating a significant attack vector for malicious actors who can manipulate administrative workflows without proper authorization. The vulnerability specifically targets the plugin's ability to process configuration changes, making it susceptible to unauthorized modifications by attackers who can trick administrators into executing malicious requests.
The technical flaw manifests as a complete lack of CSRF tokens or validation mechanisms when processing settings updates through the plugin's administrative interface. When administrators navigate to the plugin's configuration page and submit changes, the system fails to verify that the request originates from a legitimate administrative session. This absence of validation allows attackers to craft malicious web pages or emails containing embedded requests that, when clicked by an authenticated administrator, automatically modify the plugin's settings without the user's knowledge or consent. The vulnerability operates at the application layer and directly impacts the WordPress administration interface, where the plugin's settings are managed.
The operational impact of this vulnerability extends beyond simple configuration changes, as it enables attackers to potentially compromise the entire WordPress installation through manipulation of the author base settings. Attackers could alter author permissions, modify user access controls, or redirect traffic through the plugin's configuration parameters, potentially leading to unauthorized content publication, user account takeovers, or even complete system compromise. The attack requires minimal technical expertise and can be executed through social engineering techniques, making it particularly dangerous in environments where administrators frequently click on suspicious links or visit compromised websites.
Security mitigation strategies for CVE-2024-8050 should prioritize immediate plugin updates to versions that implement proper CSRF protection mechanisms. Organizations should also implement additional administrative controls such as role-based access restrictions, regular security audits of installed plugins, and monitoring of administrative activities for suspicious configuration changes. The vulnerability aligns with CWE-352, which specifically addresses Cross-Site Request Forgery weaknesses, and maps to ATT&CK technique T1078.004 for valid accounts and T1566 for social engineering attacks. Administrators should also consider implementing web application firewalls that can detect and block CSRF attempts, along with comprehensive security training for administrative users to recognize potential social engineering threats that could exploit this vulnerability.