How to fix CVE-2024-2297?

Within 7 days: Identify all affected systems running all and apply vendor patches promptly. Monitor vendor channels for patch availability.

Is PHP affected by CVE-2024-2297?

Organizations using all face moderate risk from CVE-2024-2297, a improper privilege management vulnerability rated CVSS 7.1. Attackers could escalate their privileges to gain elevated access beyond their authorized level.

CVE-2024-2297

HIGH

2025-02-27 [email protected]

WordPress PHP RCE Privilege Escalation Bricks

7.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:28 vuln.today

CVE Published

Feb 27, 2025 - 06:15 nvd

HIGH 7.1

DescriptionNVD

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the create_autosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code with elevated (administrator-level) privileges. NOTE: Successful exploitation requires (1) the Bricks Builder to be enabled for posts (2) Builder access to be enabled for contributor-level users, and (3) "Code Execution" to be enabled for administrator-level users within the theme's settings.

AnalysisAI

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the create_autosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code with elevated (administrator-level) privileges. NOTE: Successful exploitation requires (1) the Bricks Builder to be enabled for posts (2) Builder access to be enabled for contributor-level users, and (3) "Code Execution" to be enabled for administrator-level users within the theme's settings. Affected products include: Bricksbuilder Bricks.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.

CVE-2024-2297 vulnerability details – vuln.today

Back

CVE-2024-2297

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code