WordPress plugins play a crucial role in extending the functionality of websites. However, vulnerabilities in these plugins can introduce significant security risks. One such vulnerability has been discovered in the Stylish Price List plugin (versions below 7.1.12), which enables users to create visually appealing price lists and pricing tables. The vulnerability allows a malicious actor to inject and store JavaScript code, leading to a Stored Cross-Site Scripting (XSS) attack that can compromise an administrator’s session.
| Field | Value |
|---|---|
| CVE | CVE-2024-9390 |
| Plugin | Stylish Price List < 7.1.12 |
| Severity | High |
| All-time downloads | 173 319 |
| Active installations | 4 000+ |
| Publicly Published | March 07, 2025 |
| Last Updated | March 07, 2025 |
| Researcher | Artyom Krugov |
| OWASP TOP-10 | A7: Cross-Site Scripting (XSS) |
| PoC | Yes |
| Exploit | No |
| Reference | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10472, https://wpscan.com/vulnerability/d79e5c05-26d0-4223-891f-42ac9fb6ef6e/ |
Timeline
| Date | Event |
|---|---|
| July 01, 2024 | Plugin testing and vulnerability detection in the Stylish Price List have been completed |
| July 01, 2024 | I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing |
| March 06, 2025 | Registered CVE-2024-10472 |
Discovery of the Vulnerability
The vulnerability was identified in the category name parameter when creating a new pricing list. The issue arises due to insufficient input sanitization and output encoding, allowing an attacker to insert malicious scripts that execute when the administrator interacts with the infected element.
Understanding XSS attacks
Stored XSS is a type of vulnerability where a malicious script is injected into a website and stored on the server. When unsuspecting users, such as administrators or other logged-in users, access the affected page, the script executes within their browser. In WordPress, Stored XSS vulnerabilities often arise due to improper input sanitization in plugins and themes.
Exploiting the XSS Vulnerability
To exploit CVE-2024-10472, an attacker needs to have sufficient privileges to create or modify form fields within the Stylish Price List plugin. The following steps outline the exploitation process:
POC:
1) Navigate to Add New List within the Stylish Price List plugin.
2) Choose Start From Scratch to create a new pricing list.
3) Enter an HTML-encoded payload in the Category Name field.
4) The vulnerable parameters include category[1]name and similar fields.
5) Once saved, the script executes when an administrator interacts with the pricing list.
Recommendations for Improved Security
To mitigate this vulnerability, it is essential to implement proper security measures:
- Update the Plugin: Ensure that Stylish Price List is updated to version 7.1.12 or later, where the vulnerability has been patched.
- Sanitize User Input: Apply strict input validation using wp_kses() or esc_html() to prevent JavaScript injection.
- Encode Output Properly: Ensure all user-generated content is escaped before rendering it on the page.
- Implement Content Security Policy (CSP): Restrict the execution of inline JavaScript and third-party scripts.
- Enable Web Application Firewalls (WAF): Protect against XSS payloads using security plugins like Wordfence or Sucuri.
- Educate Administrators: Train website admins to recognize potential security threats and avoid interacting with untrusted data.
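As an added illustration of the sanitize-on-input and escape-on-output advice above (example code, not the Stylish Price List plugin's own), here is a vulnerable save/render pair for a category name beside a hardened one. The option name, function names, nonce action and the exact `$_POST` key layout are assumptions.

```php
<?php
// Added example, not the plugin's own code. Assumes the category name arrives as
// $_POST['category'][1]['name'] and is stored in a (hypothetical) plugin option.

// VULNERABLE: raw value stored and echoed unescaped, so a stored <script> tag
// or an onerror= attribute runs in the browser of any admin who views the list.
function spl_demo_save_category_vulnerable() {
    $name = $_POST['category'][1]['name'] ?? '';
    update_option( 'spl_demo_category_name', $name );
}
function spl_demo_render_category_vulnerable() {
    $name = get_option( 'spl_demo_category_name', '' );
    echo '<td class="category-name">' . $name . '</td>';
}

// HARDENED: capability check, CSRF nonce, sanitize on save, escape on output.
function spl_demo_save_category_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    check_admin_referer( 'spl_demo_save_category' ); // nonce action is hypothetical
    $raw  = wp_unslash( $_POST['category'][1]['name'] ?? '' );
    $name = sanitize_text_field( $raw ); // strips tags, line breaks, control characters
    update_option( 'spl_demo_category_name', $name );
}
function spl_demo_render_category_hardened() {
    $name = get_option( 'spl_demo_category_name', '' );
    // esc_html() encodes < > & " ' so the value cannot break out of the <td>.
    echo '<td class="category-name">' . esc_html( $name ) . '</td>';
}

// If a limited set of formatting tags must be allowed in the name, use wp_kses()
// with an explicit allow-list both when saving and when rendering (defense in depth).
function spl_demo_allowed_name_tags() {
    return array( 'b' => array(), 'i' => array(), 'em' => array() );
}
function spl_demo_save_category_limited_html() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    check_admin_referer( 'spl_demo_save_category' );
    $raw = wp_unslash( $_POST['category'][1]['name'] ?? '' );
    update_option( 'spl_demo_category_name', wp_kses( $raw, spl_demo_allowed_name_tags() ) );
}
function spl_demo_render_category_limited_html() {
    $name = get_option( 'spl_demo_category_name', '' );
    echo '<td class="category-name">' . wp_kses( $name, spl_demo_allowed_name_tags() ) . '</td>';
}
```

With the hardened variants, a submitted value such as `<img src=x onerror=alert(1)>` is reduced to plain text on save and rendered as inert text, while the allow-list variant drops the `img` element and its event handler but keeps `<b>` or `<i>`.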
CVE-2024-10472 highlights the critical need for continuous security auditing of WordPress plugins. Stored XSS vulnerabilities pose a severe risk, especially when they can be leveraged to compromise administrators. By promptly updating plugins, following security best practices, and maintaining a proactive security posture, website owners can safeguard their WordPress installations from such attacks.
To prevent this type of attack, the vendor applied the preventive measures we recommended.
By taking proactive measures to address Stored XSS vulnerabilities like CVE-2024-10472, WordPress website owners can enhance their security posture and safeguard against potential exploitation. Stay vigilant, stay secure.
Artyom k.