CVE-2024-10793: WP Activity Log plugin for WordPress Stored XSS Vulnerability in user_id Parameter Up to Version 5.2.1

The CVE-2024-10793 vulnerability affects the WP Activity Log plugin for WordPress, which is popularly used for tracking actions and events by logged-in users. Unauthenticated hackers can target this plugin and inject malicious web scripts into pages that execute when an admin user accesses the affected page. In this post, we will discuss this vulnerability in detail, the affected versions, and how to patch it for the safety of your WordPress site.

Vulnerability Details

The WP Activity Log plugin is vulnerable to a Stored Cross-Site Scripting (XSS) attack via the user_id parameter found in all versions up to, and including, 5.2.1. The vulnerability arises from insufficient input sanitization and output escaping, enabling unauthenticated attackers to add malicious web scripts to pages loaded by administrative users.

Affected Versions

All WP Activity Log plugin versions up to, and including, 5.2.1 are vulnerable to this XSS attack.

To exploit this vulnerability, a hacker may use the following code snippet

http://target_site/wp-admin/admin.php?page=wsal-auditlog&view=activitylog&user_id=%3Cscript%3Ealert%28%22CVE-2024-10793%22%29%3C%2Fscript%3E

By injecting this snippet into an affected WP Activity Log plugin, the attacker triggers a JavaScript alert displaying "CVE-2024-10793" when an admin user accesses the targeted page. This proof-of-concept exploit demonstrates the danger of allowing arbitrary web scripts to execute upon administrative access – an attacker could use a more malicious script to steal sensitive information or hijack user sessions.

For more information about this vulnerability, you can refer to the original disclosure

- CVE-2024-10793
- WP Activity Log WordPress Plugin Security Advisory

To protect your WordPress site from this vulnerability, take the following steps

1. Update WP Activity Log plugin: The developers have released a patch for this stored XSS vulnerability, so update your WP Activity Log plugin to version 5.2.2 or later.

2. Check the plugin's settings: Go to the plugin settings and configure them according to your security needs.

3. Regularly update all plugins: Keep all your WordPress plugins updated to the latest versions to protect against newly discovered vulnerabilities.

Conclusion

It is crucial to stay informed about the latest vulnerabilities affecting plugins installed on your WordPress site and take appropriate steps to secure your site. By regularly updating your plugins and ensuring their settings adhere to security best practices, you can minimize the risks associated with stored XSS attacks. Make sure to apply the available patch for WP Activity Log plugin version 5.2.1 and earlier to avoid exposing your WordPress site to critical security threats like CVE-2024-10793.

Timeline

Published on: 11/15/2024 06:15:04 UTC
Last modified on: 11/19/2024 21:13:22 UTC