CVE-2024-8477 in Newsletter, SMTP, Email Marketing and Subscribe Forms Plugin

Summary

by MITRE • 10/10/2024

The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formerly Sendinblue) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.87. This is due to missing or incorrect nonce validation on the Init() function. This makes it possible for unauthenticated attackers to log out of a Brevo connection via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.


Analysis

by VulDB Data Team • 06/06/2026

The vulnerability in the Brevo plugin for WordPress is a critical cross-site request forgery weakness affecting all versions up to and including 3.1.87. The flaw lies in the plugin's Init() function, where nonce validation is either missing or incorrectly implemented, leaving a gap that adversaries can exploit to manipulate authenticated sessions. Because the plugin does not adequately verify that a request genuinely originated from the WordPress admin interface, a forged request crafted by an attacker is accepted as legitimate.

Technically, the flaw is the absence of proper cryptographic token validation in the plugin's request handling. Nonces provide anti-CSRF protection by tying a request to the session that generated it, so that a request submitted from elsewhere cannot be mistaken for a legitimate one. When these tokens are not generated or validated correctly, an attacker can construct requests that bypass the plugin's security controls. The affected operation here is the Brevo connection logout: an attacker could force a logged-in administrator to terminate their session without their knowledge or consent.

The operational impact of this vulnerability extends beyond simple session manipulation to potentially compromise the entire email marketing infrastructure managed through the plugin. An attacker who successfully exploits this CSRF vulnerability could force administrators to log out of their Brevo accounts, disrupting email campaigns and potentially exposing sensitive configuration data. The attack requires only social engineering to trick administrators into clicking malicious links, making it particularly dangerous as it can be executed without requiring any authentication credentials from the attacker. This makes the vulnerability especially concerning in environments where administrators frequently visit external sites or receive emails with embedded links.

From a cybersecurity perspective, this vulnerability aligns with CWE-352, which specifically addresses cross-site request forgery conditions in web applications. The weakness demonstrates poor input validation and inadequate session management practices that violate fundamental security principles. The ATT&CK framework categorizes this as a privilege escalation technique where adversaries leverage web application vulnerabilities to manipulate user sessions and gain unauthorized access to administrative functions. Organizations using this plugin face potential data exposure and service disruption risks, particularly when administrators are targeted through spear-phishing campaigns that include malicious links designed to exploit this exact vulnerability.

The recommended mitigations include immediate plugin updates to versions that implement proper nonce validation, along with implementing additional security measures such as content security policies and regular security audits of WordPress plugins. Administrators should also implement multi-factor authentication for their WordPress admin accounts and establish strict access controls to limit the impact of potential session hijacking attempts. Organizations should conduct comprehensive vulnerability assessments to identify other plugins or components that may be similarly vulnerable to CSRF attacks, particularly those handling authentication or session management functions.
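To make the nonce discussion above and the "proper nonce validation" mitigation concrete, here is an added PHP illustration that is not the Brevo plugin's own code: a hypothetical admin action that drops a stored API connection, first in the CSRF-prone shape the advisory describes (no nonce check), then hardened with WordPress's nonce and capability checks. The option key, action name and page slug are assumptions chosen for the example.

```php
<?php
// Added illustration, not the Brevo plugin's code. Assumed names: option key
// 'example_brevo_api_key', nonce action 'example_brevo_logout', page slug
// 'example-brevo'. Requires WordPress core functions to be loaded.

// VULNERABLE PATTERN: any request carrying ?example_logout=1 is honoured, so a
// link or image on an unrelated page is enough to trigger the action in a
// logged-in administrator's browser. Nothing proves the request was intended.
function example_init_vulnerable() {
    if ( isset( $_GET['example_logout'] ) ) {
        delete_option( 'example_brevo_api_key' ); // connection dropped, no origin check
        wp_safe_redirect( admin_url( 'admin.php?page=example-brevo' ) );
        exit;
    }
}

// HARDENED PATTERN: the link that triggers the action carries a nonce bound to
// the current user's session, and the handler refuses the request unless that
// nonce verifies and the user actually holds the required capability.
function example_logout_url() {
    $url = add_query_arg( 'example_logout', '1', admin_url( 'admin.php?page=example-brevo' ) );
    // Appends _wpnonce=<token> for the action 'example_brevo_logout'.
    return wp_nonce_url( $url, 'example_brevo_logout', '_wpnonce' );
}

function example_init_hardened() {
    if ( ! isset( $_GET['example_logout'] ) ) {
        return;
    }
    // check_admin_referer() runs wp_verify_nonce() on $_GET['_wpnonce'] and
    // stops with a "link has expired" page when it is missing or invalid.
    check_admin_referer( 'example_brevo_logout', '_wpnonce' );
    // A nonce proves intent, not authority: still enforce the capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }
    delete_option( 'example_brevo_api_key' );
    wp_safe_redirect( admin_url( 'admin.php?page=example-brevo' ) );
    exit;
}
add_action( 'admin_init', 'example_init_hardened' );
```

The hardened handler is the only one that should be hooked; the vulnerable function is shown solely to contrast the missing check.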

Reservation: 09/05/2024

Disclosure: 10/10/2024

Moderation: accepted

CPE: ready

EPSS: 0.00213

KEV: no

Activities: very low
