Cyber Resilience

CVE-2024-56000

Severity: Critical

Published: 18 February 2025
Modified: 29 April 2026
KEV Added: not listed
Patch: available (K Elements 5.4.0 or later)
CVSS Score (v3.1): 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0022 (45.1st percentile)
Risk Priority: 20 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-56000 is a critical-severity Incorrect Privilege Assignment (CWE-266) vulnerability. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). EPSS ranks it at the 45.1st percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-2 (Account Management) and AC-6 (Least Privilege).

Deeper analysis

CVE-2024-56000 is an Incorrect Privilege Assignment vulnerability (CWE-266) in the SeventhQueen K Elements WordPress plugin that enables privilege escalation. The issue affects all K Elements versions before 5.4.0 (the advisory gives the range as n/a through < 5.4.0, with no lower bound).

The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating it can be exploited remotely by unauthenticated attackers with low complexity and no user interaction. Exploitation allows attackers to achieve unauthenticated account takeover, resulting in high impacts to confidentiality, integrity, and availability through elevated privileges on the affected WordPress site.

The Patchstack advisory recommends updating the K Elements plugin to version 5.4.0 or later to mitigate this vulnerability.

EU & UK References

Vulnerability details

Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements k-elements allows Privilege Escalation. This issue affects K Elements: from n/a through < 5.4.0.

CWE(s)

CWE-266 Incorrect Privilege Assignment

Related Threats

MITRE ATT&CK Enterprise Techniques [AI-mapped]

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

An unauthenticated, remote privilege-escalation flaw in a public-facing WordPress plugin maps to T1190 for the initial exploitation and to T1068 for the escalation that leads to account takeover.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-24971 (shared CWE-266)
CVE-2024-51888 (shared CWE-266)
CVE-2025-44655 (shared CWE-266)
CVE-2025-49388 (shared CWE-266)
CVE-2024-43333 (shared CWE-266)
CVE-2024-12470 (shared CWE-266)
CVE-2026-23550 (shared CWE-266)
CVE-2026-32520 (shared CWE-266)
CVE-2025-67953 (shared CWE-266)
CVE-2024-32555 (shared CWE-266)

Affected Assets

Mitigating Controls (NIST 800-53 r5) [AI-mapped]

Prevent: Timely remediation of the flawed K Elements plugin by patching to version 5.4.0 or later directly eliminates the incorrect privilege assignment vulnerability.

Prevent (AC-6 Least Privilege): Enforcing least privilege directly counters privilege escalation from incorrect privilege assignments in the plugin.

Prevent (AC-2 Account Management): Account management processes ensure proper identification, provisioning, and review of privileges to prevent unauthorized escalations like those in CVE-2024-56000.

References