CVE-2024-12301: CWE-352 Cross-Site Request Forgery (CSRF) in Unknown JSP Store Locator
The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks.
AI Analysis
Technical Summary
CVE-2024-12301 is a Cross-Site Request Forgery (CSRF) vulnerability identified in the JSP Store Locator WordPress plugin, specifically in versions up to 1.0. The vulnerability arises because the plugin lacks adequate CSRF protections in certain functionalities, allowing attackers to craft malicious requests that, when executed by authenticated users, can trigger unintended actions without their consent. CSRF attacks exploit the trust a web application has in a user's browser by leveraging the user's authenticated session to perform state-changing operations. In this case, the absence of CSRF tokens or similar verification mechanisms in the JSP Store Locator plugin means that an attacker can induce logged-in users to perform actions such as modifying store locator data or settings, potentially leading to unauthorized changes or disruptions. The CVSS 3.1 base score of 6.5 (medium severity) reflects that the attack vector is network-based (AV:N), requires no privileges (PR:N), but does require user interaction (UI:R). The impact is primarily on integrity (I:H) with no direct confidentiality or availability impact. No known exploits are currently reported in the wild, and no patches have been linked yet, indicating that the vulnerability might be newly disclosed or under analysis. The plugin's vendor is unknown, which may complicate timely remediation and increases risk if the plugin is widely used without active maintenance. Given that the vulnerability affects a WordPress plugin, the threat surface includes any WordPress sites using this plugin, especially those with authenticated users who have permissions to perform sensitive actions within the plugin's scope.
Potential Impact
For European organizations, the impact of this CSRF vulnerability depends largely on the deployment of the JSP Store Locator plugin within their WordPress environments. Organizations using this plugin on public-facing websites risk unauthorized modification of store locator information, which could mislead customers, damage brand reputation, or disrupt business operations. Since the vulnerability affects integrity without direct confidentiality or availability impact, the primary concern is unauthorized data manipulation. However, if attackers can manipulate store data, it could indirectly affect customer trust and operational workflows. Additionally, if the plugin is used in e-commerce or customer engagement contexts, such unauthorized changes could have financial or compliance implications, especially under regulations like GDPR if customer data is indirectly affected. The requirement for user interaction means phishing or social engineering could be used to exploit the vulnerability, increasing risk to organizations with less security-aware user bases. The lack of vendor information and patches may delay mitigation, prolonging exposure. European organizations with WordPress-based digital assets should assess their use of this plugin and consider the risk of CSRF attacks that could compromise the integrity of their web services.
Mitigation Recommendations
1. Immediate audit of all WordPress sites within the organization to identify installations of the JSP Store Locator plugin.
2. If the plugin is found, restrict access to authenticated users with minimal necessary privileges to reduce the risk of CSRF exploitation.
3. Implement Web Application Firewall (WAF) rules that detect and block suspicious CSRF-like requests targeting the plugin’s endpoints.
4. Educate users with authenticated access about the risks of phishing and social engineering that could trigger CSRF attacks.
5. Where possible, disable or remove the JSP Store Locator plugin until a patched version is available or an alternative plugin with proper CSRF protections can be deployed.
6. For organizations with development capabilities, consider applying custom CSRF tokens or nonce verification in the plugin code as an interim fix.
7. Monitor web logs for unusual POST requests or changes related to the store locator functionality.
8. Keep abreast of updates from WordPress security communities or WPScan for any forthcoming patches or advisories regarding this vulnerability.
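The nonce verification mentioned in recommendation 6, shown as an added example using standard WordPress functions. This is not code from the JSP Store Locator plugin: the handler, action, nonce field, option and page names (all prefixed `example_sl`) are hypothetical, since the advisory does not identify the affected endpoints.

```php
<?php
// Added illustration. Hypothetical handler, NOT taken from the JSP Store Locator plugin.
// 'example_sl_save', 'example_sl_nonce', 'example_sl_api_key' and the
// 'example-sl' settings page are made-up names.

// Settings form: wp_nonce_field() emits a hidden token tied to the action
// name, the logged-in user, their session and a time window.
function example_sl_render_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_sl_save" />
        <?php wp_nonce_field( 'example_sl_save', 'example_sl_nonce' ); ?>
        <input type="text" name="api_key"
               value="<?php echo esc_attr( get_option( 'example_sl_api_key', '' ) ); ?>" />
        <?php submit_button(); ?>
    </form>
    <?php
}

// Missing-check pattern (CWE-352), kept unhooked for contrast: the session
// cookie alone authorizes the write, so the handler cannot tell whether the
// request originated from the site's own form.
function example_sl_save_unprotected() {
    update_option( 'example_sl_api_key', sanitize_text_field( wp_unslash( $_POST['api_key'] ) ) );
}

// Hardened handler: capability check, then nonce check, then the write.
function example_sl_save() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }

    // Terminates the request unless $_REQUEST['example_sl_nonce'] holds a
    // valid nonce for the 'example_sl_save' action.
    check_admin_referer( 'example_sl_save', 'example_sl_nonce' );

    $api_key = isset( $_POST['api_key'] )
        ? sanitize_text_field( wp_unslash( $_POST['api_key'] ) )
        : '';
    update_option( 'example_sl_api_key', $api_key );

    wp_safe_redirect( admin_url( 'options-general.php?page=example-sl&updated=1' ) );
    exit;
}
add_action( 'admin_post_example_sl_save', 'example_sl_save' );
```

Every state-changing handler in a plugin needs both checks; a nonce proves the request came from the site's own form, while the capability check decides whether that user may make the change at all.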
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: WPScan
- Date Reserved: 2024-12-06T13:50:35.524Z
- CISA Enriched: false
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0fa1484d88663aec1c8
Added to database: 5/20/2025, 6:59:06 PM
Last enriched: 7/4/2025, 7:10:22 AM
Last updated: 7/27/2025, 1:17:42 AM