CVE-2024-2172: CWE-304 Missing Critical Step in Authentication in cyberlord92 Web Application Firewall – website security
The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 (for Malware Scanner) and 2.1.1 (for Web Application Firewall). This makes it possible for unauthenticated attackers to escalate their privileges to that of an administrator.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2024-2172 involves a missing critical step in authentication (CWE-304) within the mo_wpns_init() function of MiniOrange's Malware Scanner and Web Application Firewall WordPress plugins. This flaw permits unauthenticated attackers to escalate their privileges to administrator by bypassing capability checks. It affects all plugin versions up to 4.7.2 (Malware Scanner) and 2.1.1 (Web Application Firewall). The CVSS 3.1 base score of 9.8 reflects the high severity due to ease of exploitation over the network without authentication and the potential for complete system compromise.
Potential Impact
Successful exploitation allows unauthenticated attackers to gain administrator privileges on affected WordPress sites, leading to full control over the site, including confidentiality, integrity, and availability impacts. This could result in site defacement, data theft, or further malicious activity. No known exploits have been reported in the wild so far.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict access to the affected plugins and consider disabling them if possible. Monitor official MiniOrange channels for updates and apply patches promptly once released.
CVE-2024-2172: CWE-304 Missing Critical Step in Authentication in cyberlord92 Web Application Firewall – website security
Description
The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 (for Malware Scanner) and 2.1.1 (for Web Application Firewall). This makes it possible for unauthenticated attackers to escalate their privileges to that of an administrator.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability identified as CVE-2024-2172 involves a missing critical step in authentication (CWE-304) within the mo_wpns_init() function of MiniOrange's Malware Scanner and Web Application Firewall WordPress plugins. This flaw permits unauthenticated attackers to escalate their privileges to administrator by bypassing capability checks. It affects all plugin versions up to 4.7.2 (Malware Scanner) and 2.1.1 (Web Application Firewall). The CVSS 3.1 base score of 9.8 reflects the high severity due to ease of exploitation over the network without authentication and the potential for complete system compromise.
Potential Impact
Successful exploitation allows unauthenticated attackers to gain administrator privileges on affected WordPress sites, leading to full control over the site, including confidentiality, integrity, and availability impacts. This could result in site defacement, data theft, or further malicious activity. No known exploits have been reported in the wild so far.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict access to the affected plugins and consider disabling them if possible. Monitor official MiniOrange channels for updates and apply patches promptly once released.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2024-03-04T18:27:27.719Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 699f6da9b7ef31ef0b58a46e
Added to database: 2/25/2026, 9:46:17 PM
Last enriched: 4/9/2026, 1:57:11 PM
Last updated: 4/12/2026, 5:14:22 PM
Views: 22
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.