CVE-2024-37881
Published: 19 June 2024
Summary
CVE-2024-37881 is a medium-severity Insertion of Sensitive Information Into Sent Data (CWE-201) vulnerability. Its CVSS base score is 5.3 (Medium).
Operationally, it ranks in the top 9.9% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
Deeper analysis
The vulnerability CVE-2024-37881 affects the SiteGuard WP Plugin for WordPress in versions prior to 1.7.7. The plugin customizes the path to wp-login.php and blocks redirection leaks from other URLs, but it omitted equivalent protection for wp-register.php, allowing the custom login path to be exposed through redirection behavior.
An unauthenticated remote attacker can request wp-register.php to trigger a redirection that leaks the customized login URL. The flaw requires no credentials or user interaction and results in limited information disclosure, consistent with its CVSS 5.3 rating.
Vendor advisories and the referenced JVN notice direct users to upgrade to version 1.7.7, where the missing redirection check for wp-register.php was added in the plugin's siteguard-rename-login.php file.
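As an added, defender-side example (not from this page or the plugin's own code), the following Python flags access-log entries in which a request for wp-register.php was answered with a redirect to anything other than the stock wp-login.php, which is what this disclosure looks like from the server side. The log format (an Apache-style LogFormat with `%{Location}o` appended as the last field), hostnames and paths are constructed assumptions.

```python
import re
from typing import Dict, List
from urllib.parse import urlparse

# Constructed sample access-log lines (not real traffic), written in an
# Apache-style LogFormat that appends the Location response header
# (%{Location}o) as the final quoted field.
SAMPLE_LOG = """\
203.0.113.5 - - [19/Jun/2024:10:00:00 +0000] "GET /wp-register.php HTTP/1.1" 302 0 "https://blog.example/secret-login-8f3a"
203.0.113.5 - - [19/Jun/2024:10:00:01 +0000] "GET /secret-login-8f3a HTTP/1.1" 200 4321 "-"
198.51.100.7 - - [19/Jun/2024:10:02:00 +0000] "GET /wp-register.php HTTP/1.1" 302 0 "https://blog.example/wp-login.php?action=register"
198.51.100.9 - - [19/Jun/2024:10:03:00 +0000] "GET /wp-register.php HTTP/1.1" 404 0 "-"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<location>[^"]*)"$'
)

# Redirect targets that are normal for a stock WordPress wp-register.php
# request. Any other path reached via a 3xx from wp-register.php is treated
# as a possible disclosure of a renamed login path.
EXPECTED_REDIRECT_PATHS = {"/wp-login.php"}


def find_login_path_leaks(log_text: str,
                          expected_paths=EXPECTED_REDIRECT_PATHS) -> List[Dict[str, str]]:
    """Return one finding per 3xx response to wp-register.php whose Location
    path is not in the expected set, i.e. the redirect exposed an unexpected
    (possibly customised) login path."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        if urlparse(m["path"]).path != "/wp-register.php":
            continue
        if not m["status"].startswith("3") or m["location"] == "-":
            continue  # no redirect was issued, so nothing was disclosed
        target = urlparse(m["location"]).path
        if target not in expected_paths:
            findings.append({"ip": m["ip"], "time": m["ts"],
                             "disclosed_path": target})
    return findings


if __name__ == "__main__":
    for f in find_login_path_leaks(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} wp-register.php -> {f['disclosed_path']}")
```

A hit in these logs on a site running a version before 1.7.7 means the customised login path has been revealed to that client and the upgrade to 1.7.7 should be prioritised.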
The associated EPSS score has remained flat at 0.0520 with no material rise after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-36865
Vulnerability details
SiteGuard WP Plugin provides a functionality to customize the path to the login page wp-login.php and implements a measure to avoid redirection from other URLs. However, SiteGuard WP Plugin versions prior to 1.7.7 did not implement a measure to avoid redirection from wp-register.php. As a result, the customized path to the login page may be exposed.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Security awareness includes verifying URLs and avoiding untrusted redirects that lead to malicious sites.
Validates redirect targets and URLs to ensure they conform to allowed destinations.
Embedding taints allows detection when sensitive data is inserted into outbound or sent data streams.