CVE-2024-51700

High

Published: 07 January 2025

Published

07 January 2025

Modified

23 April 2026

KEV Added

—

Patch

—

CVSS Score 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

EPSS Score 0.0013 32.2th percentile

Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-51700 is a high-severity Cross-site Scripting (CWE-79) vulnerability. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Browser Session Hijacking (T1185); ranked at the 32.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Threat & Defense at a Glance

What attackers do: exploitation maps to Browser Session Hijacking (T1185) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly addresses improper neutralization of input in the NAVER Analytics plugin by enforcing validation to block malicious payloads used in stored XSS exploitation.

SI-15 Information Output Filtering good match

prevent

Mitigates stored XSS by filtering outputs during web page generation to neutralize injected scripts viewed by other users.

SI-2 Flaw Remediation good match

prevent

Remediates the specific flaw in NAVER Analytics versions <=0.9 through identification, reporting, and correction of the CSRF-to-stored XSS vulnerability.

MITRE ATT&CK Enterprise TechniquesAI

T1185 Browser Session Hijacking Collection

Adversaries may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user-behaviors, and intercept information as part of various browser session hijacking techniques.

attack.mitre.org →

T1539 Steal Web Session Cookie Credential Access

An adversary may steal web application or service session cookies and use them to gain access to web applications or Internet services as an authenticated user without needing credentials.

attack.mitre.org →

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

Stored XSS via CSRF directly enables browser session hijacking (T1185) and web session cookie theft (T1539) through arbitrary JS execution; the vuln itself is an instance of public-facing app exploitation (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eutrue NAVER Analytics naver-analytics allows Stored XSS.This issue affects NAVER Analytics: from n/a through <= 0.9.

Deeper analysisAI

CVE-2024-51700 is an Improper Neutralization of Input During Web Page Generation vulnerability, classified as Stored Cross-site Scripting (XSS) under CWE-79, affecting the NAVER Analytics WordPress plugin by eutrue (naver-analytics). This issue impacts all versions from unknown initial release through 0.9 inclusive. The vulnerability has a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L), indicating high severity due to its network accessibility and scope change.

Unauthenticated attackers (PR:N) can exploit this vulnerability remotely (AV:N) with low complexity (AC:L), though it requires user interaction (UI:R), such as tricking a user into performing an action. The attack scenario involves CSRF leading to stored XSS, where malicious input is injected and persists on the site, executing in the context of other users (S:C) who view affected pages. Successful exploitation enables low-level impacts on confidentiality, integrity, and availability, such as session hijacking or data theft for viewing users.

The primary advisory from Patchstack (https://patchstack.com/database/Wordpress/Plugin/naver-analytics/vulnerability/wordpress-naver-analytics-plugin-0-9-csrf-to-stored-xss-vulnerability?_s_id=cve) documents the CSRF-to-Stored XSS vulnerability specifically in version 0.9 of the WordPress NAVER Analytics plugin. Security practitioners should consult this reference for detailed mitigation steps, including potential patches or configuration changes to prevent exploitation.

Details

CWE(s): CWE-79

CVEs Like This One

CVE-2025-0817Shared CWE-79

CVE-2026-24665Shared CWE-79

CVE-2026-32728Shared CWE-79

CVE-2026-2072Shared CWE-79

CVE-2024-55227Shared CWE-79

CVE-2025-25062Shared CWE-79

CVE-2026-27245Shared CWE-79

CVE-2025-22335Shared CWE-79

CVE-2025-25169Shared CWE-79

CVE-2025-68887Shared CWE-79

References

https://patchstack.com/database/Wordpress/Plugin/naver-analytics/vulnerability/wordpress-naver-analytics-plugin-0-9-csrf-to-stored-xss-vulnerability?_s_id=cve
audit@patchstack.com