A stored cross-site scripting (XSS) vulnerability has been discovered in the ShareThis Share Buttons plugin for WordPress, affecting all versions up to and including 2.3.. This vulnerability allows authenticated attackers with contributor-level access and above to inject malicious web scripts, which are then executed when users access injected pages. To mitigate this risk, users are urged to update to the latest version of the plugin as soon as possible.

Vulnerability Details & Exploitation

The ShareThis Share Buttons (STSB) plugin for WordPress is widely used to facilitate easy sharing of website content with social media networks. A vulnerability has been discovered in the plugin's 'sharethis-inline-button' shortcode which enables stored XSS attacks. Essentially, the vulnerability exists due to insufficient input sanitization and output escaping on user-supplied attributes. This allows attacker-controlled scripts to be injected into web pages, running in the context of the user's browser when accessed.

To exploit this vulnerability, an attacker with contributor-level access to a WordPress site utilizing the STSB plugin (version <= 2.3.) can craft a malicious shortcode like this:

[sharethis-inline-button style="undefined" onhover="alert(1)"]

When this malicious shortcode is added to a WordPress page or post and subsequently loaded in a user's browser, the JavaScript payload (in this case, alert(1)) will be executed.

Original References

The vulnerability was assigned the identifier CVE-2024-3648 and has been acknowledged by the ShareThis team. More information can be found in the following references:

- CVE-2024-3648: The Official CVE Details
- ShareThis Stored XSS Advisory
- WordPress Plugin Vulnerability Database (WPVDB) Entry

Mitigation & Remediation

To protect yourWordPress site from this vulnerability, it is highly recommended to take the following steps:

1. Update the ShareThis Share Buttons plugin to the latest version (2.3.1 or higher) as soon as it is available. This can be achieved by navigating to the 'Plugins' section within the WordPress dashboard and selecting the 'Update Available' option for the STSB plugin.
2. Regularly review and restrict user access levels to ensure that contributor-level access and above is limited only to trusted individuals.
3. Monitor your website for any suspicious behavior or injected content, such as unfamiliar shortcodes, web scripts or third-party resources.
4. Ensure other plugins, themes, and WordPress core software are regularly updated to minimize any security risks.

Conclusion

CVE-2024-3648 is a Stored XSS vulnerability present in the ShareThis Share Buttons plugin for WordPress, affecting all versions up to 2.3.. This vulnerability exposes websites to risks of content manipulation and security breaches, as authenticated attackers, with contributor-level access and above, can inject arbitrary web scripts in pages. To secure your website from this vulnerability, update the STSB plugin to the latest version and follow security best practices for user management and website monitoring. Stay safe and secure online!

Timeline

Published on: 05/23/2024 07:15:09 UTC
Last modified on: 08/01/2024 20:19:59 UTC