EUVD-2024-47415

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Several WordPress plugins were compromised, injecting malicious scripts that exfiltrate data.

Reporter	Title	Published	Views	Family All 29
CNNVD	WordPress Plugin Several WordPress.org Security Vulnerabilities	25 Jun 202400:00	–	cnnvd
CVE	CVE-2024-6297	25 Jun 202403:30	–	cve
Cvelist	CVE-2024-6297 Several WordPress.org Plugins <= Various Versions - Injected Backdoor	25 Jun 202403:30	–	cvelist
NVD	CVE-2024-6297	25 Jun 202404:15	–	nvd
Patchstack	WordPress Wrapper Link Elementor Plugin 1.0.2,1.0.3 is vulnerable to Backdoor	25 Jun 202400:00	–	patchstack
Patchstack	WordPress Simply Show Hooks plugin 1.2.2 - Injected Backdoor vulnerability	25 Jun 202406:28	–	patchstack
Patchstack	WordPress Seo Optimized Images Plugin 2.1.2 is vulnerable to Backdoor	28 Jun 202400:00	–	patchstack
Patchstack	WordPress BLAZE Retail Widget plugin 2.2.5 to 2.5.2 - Injected Backdoor vulnerability	25 Jun 202406:21	–	patchstack
Patchstack	WordPress WP Server Health Stats plugin 1.7.6 - Injected Backdoor vulnerability	28 Jun 202418:23	–	patchstack
Patchstack	WordPress Wrapper Link Elementor plugin 1.0.2, 1.0.3 - Injected Backdoor vulnerability	25 Jun 202406:30	–	patchstack

[
  {
    "enisaIdVendor": [
      {
        "id": "2360aa43-5ea6-3be6-a9d3-4e17a78efd85",
        "vendor": {
          "name": "stuartobrien"
        }
      },
      {
        "id": "68b2b5ed-7bff-31e5-9876-b0a6dd48c0eb",
        "vendor": {
          "name": "themerex"
        }
      },
      {
        "id": "76e0be5b-de55-3cb0-9ea3-2d625c655233",
        "vendor": {
          "name": "warfareplugins"
        }
      },
      {
        "id": "cf99fcf8-13d5-39ec-b9bd-6b9d604deae0",
        "vendor": {
          "name": "blazeretail"
        }
      },
      {
        "id": "d9f861ad-7a52-3f63-a649-4f9317b1311e",
        "vendor": {
          "name": "pedrogusmao02"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1c633b71-2005-3374-9ace-38012dcba710",
        "product": {
          "name": "Wrapper Link Elementor"
        },
        "product_version": "1.0.2 ≤1.0.3"
      },
      {
        "id": "3eaae00a-61a5-3e52-b54e-a92925a22d3c",
        "product": {
          "name": "Social Sharing Plugin – Social Warfare"
        },
        "product_version": "4.4.6.4 ≤4.4.7.1"
      },
      {
        "id": "504c5334-b7b5-3bf4-9009-f0c146606465",
        "product": {
          "name": "BLAZE Retail Widget"
        },
        "product_version": "2.2.5 ≤2.5.2"
      },
      {
        "id": "d3599a25-ac71-30f5-adab-ba82c25c5982",
        "product": {
          "name": "Simply Show Hooks"
        },
        "product_version": "1.2.1 ≤1.2.2"
      },
      {
        "id": "d8e71de5-5eb6-3a96-9317-3e172b91ea58",
        "product": {
          "name": "Contact Form 7 Multi-Step Addon"
        },
        "product_version": "1.0.4 ≤1.0.5"
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/56d24bc8-4a1a-4e60-aec5-960703a6058a
wordpress	www.wordpress.org/support/topic/a-security-message-from-the-plugin-review-team/
plugins	www.plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.6.4/trunk/social-warfare.php
plugins	www.plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.6.4/trunk/social-warfare.php
plugins	www.plugins.trac.wordpress.org/changeset/3105893/
plugins	www.plugins.trac.wordpress.org/changeset
plugins	www.plugins.trac.wordpress.org/browser/simply-show-hooks/trunk/index.php
plugins	www.plugins.trac.wordpress.org/browser/contact-form-7-multi-step-addon/trunk/trx-contact-form-7-multi-step-addon.php
plugins	www.plugins.trac.wordpress.org/browser/wrapper-link-elementor/trunk/wrapper.php
plugins	www.plugins.trac.wordpress.org/browser/blaze-widget/trunk/blaze_widget.php

03 Oct 2025 20:07Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.110

EPSS0.03969

SSVC