Cyber Resilience

CVE-2024-7425

Medium · RCE

Published: 07 February 2025
Modified: 11 February 2025
KEV Added
Patch
CVSS Score v3.1: 6.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0016 (37.1th percentile)
Risk Priority: 14 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-7425 is a medium-severity Code Injection (CWE-94) vulnerability in Soflyy Wp All Export. Its CVSS base score is 6.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 37.1th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-7425 is a vulnerability in the WP ALL Export Pro plugin for WordPress that allows unauthorized modification of data, leading to privilege escalation. It stems from improper user input validation and sanitization in all versions up to and including 1.9.1. The issue, classified under CWE-94 (Code Injection), has a CVSS v3.1 base score of 6.8 (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H) and was published on 2025-02-07.

Authenticated attackers with Shop Manager-level access or higher can exploit this vulnerability over the network with low complexity, though it requires user interaction. By updating arbitrary WordPress options, they can, for example, change the default role for new user registrations to administrator and enable user registration. This enables the attackers to create administrative accounts and gain full control over the vulnerable site.

Advisories from Wordfence detail the vulnerability and recommend mitigation through updating the plugin, as indicated by the official upgrade page from WP All Import. Security practitioners should ensure sites running affected versions upgrade promptly to patched releases to prevent exploitation.
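
A defender-side check for the option changes described above, as an added example that is not part of the original advisory or the plugin's code: it uses WP-CLI (`wp`) to compare the installed plugin version with 1.9.1 and to inspect the `default_role` and `users_can_register` options. The plugin slug `wp-all-export-pro`, the `WP_PATH` variable and the function names are assumptions.

```shell
#!/bin/sh
# Added example: defensive audit for the option changes described for CVE-2024-7425.
# Assumptions: WP-CLI is installed as `wp`; PLUGIN_SLUG is an assumed slug.
PLUGIN_SLUG="${PLUGIN_SLUG:-wp-all-export-pro}"  # assumed; confirm with `wp plugin list`
LAST_AFFECTED="1.9.1"                            # "up to and including" per the page

# version_le A B: succeeds when version A <= version B (needs GNU `sort -V`).
version_le() {
  [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# audit_site PATH: prints findings; the return code is the number of findings.
audit_site() {
  local path="$1" findings=0 ver role reg
  ver="$(wp --path="$path" plugin get "$PLUGIN_SLUG" --field=version 2>/dev/null)"
  role="$(wp --path="$path" option get default_role 2>/dev/null)"
  reg="$(wp --path="$path" option get users_can_register 2>/dev/null)"

  if [ -n "$ver" ] && version_le "$ver" "$LAST_AFFECTED"; then
    echo "FINDING: $PLUGIN_SLUG $ver is in the affected range (<= $LAST_AFFECTED)"
    findings=$((findings + 1))
  fi
  if [ "$role" = "administrator" ]; then
    echo "FINDING: default_role is 'administrator' (WordPress default is 'subscriber')"
    findings=$((findings + 1))
    if [ "$reg" = "1" ]; then
      echo "FINDING: users_can_register=1, so self-registration yields admin accounts"
      findings=$((findings + 1))
    fi
  fi
  # Not counted as a finding: list administrators so unexpected accounts can be reviewed.
  echo "Administrator accounts (review registration dates):"
  wp --path="$path" user list --role=administrator \
     --fields=user_login,user_registered --format=csv 2>/dev/null
  return "$findings"
}

# Run only when a site path is supplied, e.g. WP_PATH=/var/www/html sh audit.sh
if [ -n "${WP_PATH:-}" ]; then
  audit_site "$WP_PATH"
fi
```

A non-zero exit status equals the number of findings, so the script can gate a scheduled job across several sites.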

Vulnerability details

The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to improper user input validation and sanitization in all versions up to, and including, 1.9.1. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The vulnerability directly enables authenticated attackers to exploit improper input handling for arbitrary option modification, resulting in privilege escalation to full administrative control.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-7419: Same product: Soflyy Wp All Export
CVE-2025-21292: Shared CWE-94
CVE-2026-26682: Shared CWE-94
CVE-2025-33240: Shared CWE-94
CVE-2025-25943: Shared CWE-94
CVE-2025-64691: Shared CWE-94
CVE-2025-24159: Shared CWE-94
CVE-2025-63421: Shared CWE-94
CVE-2025-6990: Shared CWE-94
CVE-2025-62348: Shared CWE-94

Affected Assets

soflyy · wp all export · ≤ 1.9.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the improper user input validation and sanitization in the WP ALL Export Pro plugin that enables unauthorized modification of WordPress options.

prevent

Requires timely identification, reporting, and remediation of flaws like CVE-2024-7425 through plugin patching to prevent privilege escalation exploitation.

prevent

Enforces least privilege to restrict Shop Manager-level users from accessing or modifying arbitrary site options that could lead to administrative privilege escalation.
