A critical vulnerability has emerged in Shortcodes Ultimate – CVE-2024-3548. With over 600k installations, this exploit poses a significant threat to WordPress sites. Let’s delve into the intricacies of this Stored XSS flaw and its potential repercussions.

CVECVE-2024-3548
PluginShortcodes Ultimate < 7.1.2
CriticalHigh
All Time19 847 719
Active installations600 000+
Publicly PublishedApril 24, 2024
Last UpdatedApril 24, 2024
ResearcherDmtirii Ignatyev
OWASP TOP-10A7: Cross-Site Scripting (XSS)
PoCYes
ExploitNo
Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3548
https://wpscan.com/vulnerability/9eef8b29-2c62-4daa-ae90-467ff9be18d8/
Plugin Security Certification by CleanTalk
Logo of the plugin

Timeline

April 8, 2024Plugin testing and vulnerability detection in the Shortcodes Ultimate have been completed
April 8, 2024I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing
April 24, 2024Registered CVE-2024-3548

Discovery of the Vulnerability

During routine plugin testing, a security flaw was unearthed within Shortcodes Ultimate. This vulnerability enables threat actors to execute malicious JavaScript code, paving the way for admin account takeover.

Understanding of Stored XSS attack’s

Stored XSS vulnerabilities are perilous loopholes that allow attackers to inject malicious scripts into web applications. In WordPress, such vulnerabilities can be exploited via plugins, compromising site security.

Exploiting the Stored XSS Vulnerability

The exploit in Shortcodes Ultimate allows contributors to embed nefarious JavaScript code into new posts via shortcode, subsequently facilitating admin account creation. By exploiting this flaw, attackers can gain unauthorized access and wreak havoc on websites.

POC:

[su_lightbox src=’123″onmouseover=”MALICIOUS_FUNC_HERE“‘]Click here to open lightbox[/su_lightbox]

____

The ramifications of CVE-2024-3548 are grave. In the wrong hands, this vulnerability could lead to data breaches, defacement, or the dissemination of malware. Hackers could exploit compromised admin accounts to perpetrate further attacks or extort website owners.

Recommendations for Improved Security

To mitigate the risk posed by CVE-2024-3548, WordPress site owners should promptly update their Shortcodes Ultimate plugin to the latest version. Additionally, implementing robust security measures, such as regular vulnerability assessments and user role restrictions, can fortify defenses against XSS attacks.

By taking proactive measures to address Stored XSS vulnerabilities like CVE-2024-3548, WordPress website owners can enhance their security posture and safeguard against potential exploitation. Stay vigilant, stay secure.

#WordPressSecurity #StoredXSS #WebsiteSafety #StayProtected #VeryHighVulnerability

Use CleanTalk solutions to improve the security of your website

DMITRII I.
CVE-2024-3548 – Shortcodes Ultimate – Stored XSS to Admin Account Creation (Contributor+) Critical-High – POC

Leave a Reply

Your email address will not be published. Required fields are marked *