WordPress plugins significantly enhance the functionality and versatility of websites. However, their widespread use also makes them a common target for security vulnerabilities. One such recent discovery is CVE-2024-6026 in the Slider by 10Web plugin, which affects over 20,000 installations. This vulnerability allows attackers to execute Stored Cross-Site Scripting (XSS) attacks, leading to severe consequences, including unauthorized admin account creation.
| CVE | CVE-2024-6026 |
| Plugin | Slider by 10Web < 1.2.56 |
| Critical | High |
| All Time | 2 255 607 |
| Active installations | 20 000+ |
| Publicly Published | June 27, 2024 |
| Last Updated | June 27, 2024 |
| Researcher | Dmtirii Ignatyev |
| OWASP TOP-10 | A7: Cross-Site Scripting (XSS) |
| PoC | Yes |
| Exploit | No |
| Reference | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6026 https://wpscan.com/vulnerability/01609d84-e9eb-46a9-b2cc-fe7e0c982984/ |
| Plugin Security Certification by CleanTalk |  |
| Logo of the plugin |  |
Timeline
| June 13, 2024 | Plugin testing and vulnerability detection in the Slider by 10Web have been completed |
| June 13, 2024 | I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing |
| June 27, 2024 | Registered CVE-2024-6026 |
Discovery of the Vulnerability
During a routine security assessment of the Slider by 10Web plugin, a critical vulnerability was identified. This flaw allows a contributor to embed malicious JavaScript code into a new post. The embedded code can execute actions that result in the creation of an admin account, thereby giving the attacker full control over the website. This discovery highlights the importance of continuous security testing and vigilance in maintaining plugin security.
Understanding of Stored XSS attack’s
Cross-Site Scripting (XSS) is a common vulnerability found in web applications, including WordPress plugins. XSS allows attackers to inject malicious scripts into web pages viewed by other users. When an unsuspecting user, typically with elevated privileges, interacts with the infected page, the malicious script executes in their browser. This can lead to a variety of malicious activities, such as session hijacking, data theft, and in severe cases, full account takeovers.
A notable example of XSS in WordPress involved the widely-used plugin Slider by 10Web. By manipulating specific fields within the plugin’s settings, attackers could inject harmful scripts that execute when the page is viewed, causing unintended and harmful actions on the website.
Exploiting the Stored XSS Vulnerability
To exploit this vulnerability, an attacker needs to follow these steps:
POC:
http://123.123″ style=”animation-duration:1s;animation-name:slidein;animation-iteration-count:2″ onwebkitanimationiteration=”alert(1)” -> to the “Link the slide to:” field in Slide Options @keyframes slidein {} -> to CSS in main Settings of new Slider
____
The potential risks associated with CVE-2024-6026 are severe. If exploited, this vulnerability could lead to:
- Unauthorized admin account creation: Attackers can gain full control of the website.
- Data breaches: Sensitive user information could be accessed and exfiltrated.
- Website defacement: Malicious actors could alter the website’s content to distribute misinformation or malware.
- Further exploitation: Compromised sites could be used to launch additional attacks on visitors or other websites.
Recommendations for Improved Security
To mitigate the risks posed by CVE-2024-6026, the following security measures are recommended:
- Update the Plugin: Ensure the Quiz and Survey Master plugin is updated to the latest version, where this vulnerability is patched.
- Sanitize and Validate Inputs: Implement rigorous input sanitization and validation to prevent the injection of malicious scripts.
- Use Security Plugins: Employ security plugins that offer XSS protection and regularly scan for vulnerabilities.
- Restrict User Permissions: Limit the permissions of contributors and other non-admin users to minimize the risk of exploitation.
- Regular Security Audits: Conduct regular security audits and penetration tests to identify and address vulnerabilities promptly.
By taking proactive measures to address Stored XSS vulnerabilities like CVE-2024-6026, WordPress website owners can enhance their security posture and safeguard against potential exploitation. Stay vigilant, stay secure.
#WordPressSecurity #StoredXSS #WebsiteSafety #StayProtected #VeryHighVulnerability
Use CleanTalk solutions to improve the security of your website
DMITRII I.
