WordPress is the most popular content management system (CMS) in the world, powering over a third of all websites. It is a frequent target for hackers due to its widespread use, making it extremely important for webmasters and developers to ensure that their WordPress installations are secure. One such vulnerability, identified as CVE-2024-9776, was recently discovered in the ImagePress - Image Gallery plugin for WordPress. This vulnerability impacts all versions up to, and including, 1.2.2, making it essential for users to update their plugin immediately.

Vulnerability Details

The ImagePress - Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) attacks via the admin settings. Stored XSS is a type of vulnerability that allows an attacker to inject malicious scripts into web pages, which are then executed whenever a user accesses the injected page. The malicious script can be used to hijack user sessions, redirect them to malicious websites, or even steal sensitive data.

This specific vulnerability exists because the plugin does not properly sanitize user input and does not properly escape output, meaning that an authenticated attacker with administrator-level permissions and above can inject arbitrary web scripts into the admin settings pages.

However, this vulnerability only affects multi-site WordPress installations and installations where the unfiltered_html capability has been disabled.
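
The root cause described above (input not sanitized when saved, output not escaped when rendered) maps to a standard WordPress settings pattern. The following is an added example, not code from ImagePress or from the original report; the option name, settings group and function names are hypothetical.

```php
<?php
// Added example: hypothetical plugin settings code, not taken from ImagePress.
// 'example_gallery_custom_css', 'example_gallery_settings' and the function
// names below are assumptions made for illustration.

// 1) Sanitize on save. register_setting() hooks the callback into
//    sanitize_option_{option}, so it runs on every update_option() call,
//    regardless of whether the saving user holds unfiltered_html.
add_action( 'admin_init', function () {
    register_setting(
        'example_gallery_settings',
        'example_gallery_custom_css',
        array(
            'type'              => 'string',
            'sanitize_callback' => 'example_gallery_sanitize_css',
            'default'           => '',
        )
    );
} );

function example_gallery_sanitize_css( $value ) {
    // A CSS field never needs HTML: drop every tag, including <script> and
    // <style> together with their contents.
    return wp_strip_all_tags( (string) $value );
}

// 2) Escape on output. Even with sanitized storage, treat the stored value
//    as untrusted when it is written back into the settings form.
function example_gallery_render_css_field() {
    $css = get_option( 'example_gallery_custom_css', '' );

    // Unsafe pattern (value echoed raw, markup in the option is rendered):
    //   echo '<textarea name="example_gallery_custom_css">' . $css . '</textarea>';

    // Hardened: esc_textarea() encodes <, >, & and quotes for textarea content.
    printf(
        '<textarea name="example_gallery_custom_css" rows="8" cols="60">%s</textarea>',
        esc_textarea( $css )
    );
}

// For values placed in HTML attributes (e.g. a text input), use esc_attr().
function example_gallery_render_text_field( $option_name ) {
    printf(
        '<input type="text" name="%1$s" value="%2$s" />',
        esc_attr( $option_name ),
        esc_attr( get_option( $option_name, '' ) )
    );
}
```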

Exploit Details

To exploit this vulnerability, an attacker needs to have administrator access to the WordPress installation. They can inject arbitrary JavaScript code using the following steps:

Inject the malicious JavaScript code into input fields such as the "Custom CSS" field.

The injected JavaScript code will then execute whenever a user accesses a page containing the affected plugin settings.

Here is an example of a simple payload that an attacker might use:

<script>alert('XSS');</script>

Original References

The vulnerability was initially reported by a security researcher through the WordPress plugin repository. The plugin’s developers have since released a patched version, 1.2.3, addressing the vulnerability. Users are strongly encouraged to update their plugin immediately to avoid any potential exploitation.

- WordPress Plugin Vulnerability Report
- ImagePress Changelog

Mitigation and Remediation

To mitigate the risks associated with this vulnerability, website administrators should do the following:

Regularly update and monitor all WordPress plugins, themes, and core files.

In conclusion, administrators and developers who use the ImagePress - Image Gallery plugin for WordPress should update their plugins promptly to address the CVE-2024-9776 vulnerability. By doing so, they can protect their websites and users from potential harm associated with Stored XSS attacks.

Timeline

Published on: 10/12/2024 06:15:03 UTC
Last modified on: 10/15/2024 12:57:46 UTC