CVE-2024-2297
Published: 27 February 2025
Summary
CVE-2024-2297 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Bricksbuilder Bricks. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The vulnerability is ranked at the 45.4th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Deeper analysis
CVE-2024-2297 is a privilege escalation vulnerability affecting the Bricks theme for WordPress in all versions up to and including 1.9.6.1. The issue stems from insufficient validation checks in the create_autosave AJAX function, which allows authenticated attackers to bypass access controls. It has a CVSS v3.1 base score of 7.1 (AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) and is associated with CWE-269 (Improper Privilege Management).
Attackers with contributor-level access or higher can exploit this vulnerability to execute arbitrary PHP code with administrator-level privileges. Successful exploitation requires three specific conditions: the Bricks Builder must be enabled for posts, builder access must be enabled for contributor-level users, and "Code Execution" must be enabled for administrator-level users within the theme's settings. The CVSS vector reflects a network-reachable attack that needs only low privileges but also user interaction, with high impact on confidentiality, integrity, and availability.
Advisories from Bricks and Wordfence recommend updating to Bricks version 1.9.7, which addresses the vulnerability. Security practitioners should verify theme settings to ensure the required conditions are not met and monitor for unauthorized admin actions on affected sites. Full details are available at https://bricksbuilder.io/release/bricks-1-9-7/ and https://www.wordfence.com/threat-intel/vulnerabilities/id/cb075e85-75fc-4008-8270-4d1064ace29e?source=cve.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-27252
Vulnerability details
The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the create_autosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code with elevated (administrator-level) privileges. NOTE: Successful exploitation requires (1) the Bricks Builder to be enabled for posts, (2) Builder access to be enabled for contributor-level users, and (3) "Code Execution" to be enabled for administrator-level users within the theme's settings.
- CWE(s): CWE-269 (Improper Privilege Management)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploitation for Privilege Escalation (T1068)
Why these techniques?
Directly enables exploitation for privilege escalation from contributor to admin with arbitrary PHP code execution.
Affected Assets
- Bricks theme for WordPress (Bricksbuilder), all versions up to and including 1.9.6.1; fixed in 1.9.7
Mitigating Controls (NIST 800-53 r5)
- AC-6 (Least Privilege): Enforces least privilege to prevent contributor-level users from escalating to administrator-level PHP code execution via the vulnerable AJAX function.
- AC-3 (Access Enforcement): Requires enforcement of access authorizations in the create_autosave AJAX function to address the insufficient validation checks that enable privilege escalation.
- SI-10 (Information Input Validation): Mandates validation of inputs to the create_autosave AJAX function to block arbitrary PHP code execution by authenticated low-privilege attackers.
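The controls above (AC-3, AC-6 and input validation) translate into a concrete coding pattern for any WordPress AJAX handler that saves builder content. The following is an added illustrative example, not code from the Bricks theme and not a reproduction of its 1.9.7 fix: the action name `example_save_draft`, the nonce name, the `is_code` request flag and the choice of `manage_options` as the capability gating code elements are all assumptions. It shows the checks a defender would expect such a handler to perform so that a contributor can never reach an administrator-only code path, regardless of how the theme's "Code Execution" setting is configured.

```php
<?php
// Added illustrative example of a hardened WordPress AJAX save handler.
// This is NOT the Bricks theme's create_autosave implementation; action,
// nonce, capability and parameter names below are assumptions.

add_action( 'wp_ajax_example_save_draft', 'example_save_draft_handler' );

function example_save_draft_handler() {
    // 1. CSRF protection: reject requests that lack a valid nonce.
    check_ajax_referer( 'example_save_draft_nonce', 'nonce' );

    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    if ( ! $post_id || ! get_post( $post_id ) ) {
        wp_send_json_error( array( 'message' => 'invalid post' ), 400 );
    }

    // 2. AC-3 Access Enforcement: the caller must be authorised to edit THIS
    //    post object, not merely be logged in. edit_post is a meta capability
    //    that WordPress resolves per post (author, status, post type).
    if ( ! current_user_can( 'edit_post', $post_id ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 );
    }

    $content = isset( $_POST['content'] ) ? wp_unslash( $_POST['content'] ) : '';

    // 3. AC-6 Least Privilege: a payload that represents executable code is
    //    accepted only from a user who already holds an administrator-level
    //    capability (assumed here: manage_options). The check is made on the
    //    current user, never on a site-wide option, so enabling "code
    //    execution" for administrators cannot widen access for contributors.
    $is_code = ! empty( $_POST['is_code'] );
    if ( $is_code && ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error(
            array( 'message' => 'code elements require administrator privileges' ),
            403
        );
    }

    // 4. Input validation: users without unfiltered_html get their markup
    //    reduced to the post-safe allow-list, which strips script and other
    //    disallowed tags before anything is stored.
    if ( ! current_user_can( 'unfiltered_html' ) ) {
        $content = wp_kses_post( $content );
    }

    // 5. Persist through the core API so post-level hooks and capability
    //    filters still apply; request WP_Error instead of a silent 0.
    $saved = wp_update_post(
        array(
            'ID'           => $post_id,
            'post_content' => $content,
        ),
        true
    );

    if ( is_wp_error( $saved ) ) {
        wp_send_json_error( array( 'message' => $saved->get_error_message() ), 500 );
    }

    wp_send_json_success( array( 'post_id' => $post_id ) );
}
```

The important design choice is that every decision is made against the current user's capabilities, and that "may edit the post" (step 2) and "may submit executable code" (step 3) are separate gates: passing the first never implies the second. When reviewing a handler on a site that cannot yet be updated to 1.9.7, this is the shape to compare it against, alongside confirming the three preconditions from the advisory (builder enabled for posts, builder access for contributors, and "Code Execution" enabled) are not all simultaneously true.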