A critical Stored Cross-Site Scripting (XSS) vulnerability has been identified in the popular Website Optimization - Plerdy plugin for WordPress (all versions up to and including 1.3.2). The vulnerability arises from insufficient input sanitization and output escaping of the plugin's tracking code settings, which may result in arbitrary web scripts injection by authenticated attackers having administrator-level access. Exploitation of the vulnerability can lead to unauthorized access to user data, possible defacement of affected sites, and potential spread of malware. This vulnerability primarily affects multi-site installations and environments where the unfiltered_html capability has been disabled.
Exploit Details
The vulnerability lies within the plugin's tracking code settings, where an input field allows users with administrator privileges to insert custom tracking code. Due to insufficient input sanitization and output escaping, an attacker can inject malicious JavaScript code in this input field. Once injected, the malicious code will be executed when a user visits the affected page.
Below is a simple example of a malicious code snippet
// Simple XSS payload
<script>alert('XSS Attack!');</script>
In a real-world attack scenario, the attacker may inject a more sophisticated payload, such as one designed to steal user cookies or redirect users to phishing sites.
To mitigate the risk of exploitation, users of the affected plugin are advised to update to the latest patched version (1.3.3 or higher) as soon as it is made available by the plugin's developers. In the meantime, administrators can protect their sites by either disabling the plugin or restricting access to the tracking code settings to trusted administrators only.
For more information about the vulnerability (CVE-2023-5715), you can refer to the following sources
1. Exploit Database Entry: The Exploit Database hosts detailed information about the vulnerability and maintains an up-to-date list of affected versions.
2. WordPress Vulnerability Database: This site tracks reported WordPress vulnerabilities, their severity scores, and related links.
3. Official Security Advisory by the Plugin Vendor: This webpage will be updated by Plerdy with any official patches, workarounds, and recommendations.
4. CVE-2023-5715 in NVD: The National Vulnerability Database (NVD) summarizes the vulnerability and provides a common severity rating system.
Conclusion
The discovery of CVE-2023-5715 highlights the importance of securing WordPress plugins and ensuring they are updated regularly. The Website Optimization - Plerdy plugin has been widely used, increasing the potential impact of this vulnerability. Administrators are encouraged to take immediate steps in mitigating potential risks by either disabling the plugin or updating to a patched version as soon as it becomes available. Furthermore, granting access to sensitive functions, such as tracking code settings, should be limited to trusted administrators only.
Timeline
Published on: 11/22/2023 16:15:14 UTC
Last modified on: 11/29/2023 19:50:49 UTC