CVE-2024-12269

High

Published: 30 January 2025

Published

30 January 2025

Modified

08 April 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0013 32.1th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-12269 is a high-severity Missing Authorization (CWE-862) vulnerability in Wpmessiah Safe Ai Malware Protection For Wp. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 32.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

AC-3 Access Enforcement good match

prevent

Directly enforces approved authorizations to prevent unauthorized access to sensitive functions like export_db() lacking capability checks.

AC-6 Least Privilege good match

prevent

Implements least privilege to ensure unauthenticated attackers cannot access database export capabilities in WordPress plugins.

SI-2 Flaw Remediation good match

prevent

Requires timely remediation of flaws such as missing authorization in plugins, as evidenced by the patch in changeset 3232957.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1213.006 Databases Collection

Adversaries may leverage databases to mine valuable information.

attack.mitre.org →

Why these techniques?

The vulnerability enables unauthenticated exploitation of a public-facing WordPress plugin (T1190) to perform a complete database dump, facilitating collection of data from databases (T1213.006).

NVD Description

The Safe Ai Malware Protection for WP plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db() function in all versions up to, and including, 1.0.17. This makes it possible for…

unauthenticated attackers to retrieve a complete dump of the site's database.

Deeper analysisAI

CVE-2024-12269 affects the Safe Ai Malware Protection for WP plugin for WordPress, specifically due to a missing capability check on the export_db() function in all versions up to and including 1.0.17. This vulnerability, classified under CWE-862 (Missing Authorization), enables unauthorized access to sensitive data. It has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no effects on integrity or availability.

Unauthenticated attackers can exploit this vulnerability remotely over the network with low complexity and no user interaction required. By accessing the export_db() function, they can retrieve a complete dump of the site's database, potentially exposing user credentials, personal data, and other confidential information stored in the WordPress database.

Advisories from sources like Wordfence detail the issue and reference the vulnerable code in class-mvsp-export-db.php at line 7, along with a patch applied in changeset 3232957 for the plugin. Mitigation involves updating to a version beyond 1.0.17 where the capability check has been implemented to prevent unauthorized database exports.