CVE-2024-6297

Several WordPress.org Plugins <= Various Versions - Injected Backdoor

Description

Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator users and send that data back to a server. Currently, not all plugins have been patched and we strongly recommend uninstalling the plugins for the time being and running a complete malware scan.

10.0
CVSS
Severity: Critical
CVSS 3.1 •
EPSS 3.19% Top 15%
Affected: warfareplugins Social Sharing Plugin – Social Warfare
Affected: themerex Contact Form 7 Multi-Step Addon
Affected: stuartobrien Simply Show Hooks
Affected: pedrogusmao02 Wrapper Link Elementor
Affected: blazeretail BLAZE Retail Widget
Published at:
Updated at:

References

Link Tags
https://www.wordfence.com/threat-intel/vulnerabilities/id/56d24bc8-4a1a-4e60-aec5-960703a6058a?source=cve
https://wordpress.org/support/topic/a-security-message-from-the-plugin-review-team/
https://plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.6.4/trunk/social-warfare.php#L54
https://plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.6.4/trunk/social-warfare.php#L583
https://plugins.trac.wordpress.org/changeset/3105893/
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3106042%40social-warfare&new=3106042%40social-warfare&sfp_email=&sfph_mail=
https://plugins.trac.wordpress.org/browser/simply-show-hooks/trunk/index.php
https://plugins.trac.wordpress.org/browser/contact-form-7-multi-step-addon/trunk/trx-contact-form-7-multi-step-addon.php
https://plugins.trac.wordpress.org/browser/wrapper-link-elementor/trunk/wrapper.php?rev=3106508
https://plugins.trac.wordpress.org/browser/blaze-widget/trunk/blaze_widget.php

Frequently Asked Questions

What is the severity of CVE-2024-6297?
CVE-2024-6297 has been scored as a critical severity vulnerability.
How to fix CVE-2024-6297?
To fix CVE-2024-6297, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-6297 being actively exploited in the wild?
It is possible that CVE-2024-6297 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~3% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-6297?
CVE-2024-6297 affects warfareplugins Social Sharing Plugin – Social Warfare, themerex Contact Form 7 Multi-Step Addon, stuartobrien Simply Show Hooks, pedrogusmao02 Wrapper Link Elementor, blazeretail BLAZE Retail Widget.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.