During routine security testing of the Starbox plugin, researchers uncovered a critical vulnerability designated as CVE-2024-1273. This vulnerability, classified as Stored XSS, allows attackers to execute malicious scripts on a WordPress site by embedding them within the plugin’s functionality.
Main info:
CVE | CVE-2024-1273 |
Plugin | Starbox < 3.5.0 |
Critical | High |
All Time | 451 366 |
Active installations | 40 000+ |
Publicly Published | February 20, 2023 |
Last Updated | February 20, 2023 |
Researcher | Dmitrii Ignatyev |
OWASP TOP-10 | A7: Cross-Site Scripting (XSS) |
PoC | Yes |
Exploit | No |
Reference | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1273 https://wpscan.com/vulnerability/9784d7c8-e3aa-42af-ace8-5b2b37ebc9cb/ |
Timeline
January 31, 2023 | Plugin testing and vulnerability detection in the Starbox plugin were completed |
January 31, 2023 | I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing |
February 10, 2023 | The author fixed the vulnerability and released the plugin update |
February 20, 2023 | Registered CVE-2024-1273 |
Discovery of the Vulnerability
While testing the plugin, a vulnerability was found that allows a user with the Contributor role to carry out Stored XSS by embedding a malicious script, which can lead to account takeover.
Understanding Stored XSS Attacks
Stored XSS, or Stored Cross-Site Scripting, is a type of vulnerability that arises when user input is not properly sanitized before being stored on a website’s server and later displayed to other users. In the case of WordPress, this can occur when plugins or themes fail to adequately filter user-supplied content, allowing attackers to inject harmful scripts into web pages. Real-world examples of Stored XSS attacks include inserting malicious code into comment fields, contact forms, or any other input areas that accept user-generated content.
Exploiting the Stored XSS Vulnerability
To exploit the Stored XSS vulnerability in the Starbox plugin, attackers can embed malicious scripts within specific parameters, such as profile fields or comment sections. By doing so, they can execute arbitrary code within the context of other users’ browsers, potentially leading to account takeover, data theft, or further compromise of the WordPress site.
POC:
- http://132" onmouseover='alert(1)' in account editing page
___
The CVE-2024-1273 vulnerability in Starbox poses a significant risk to WordPress sites, particularly those with user-generated content or community interaction features. Attackers with even low-level roles, such as Contributors, can leverage this vulnerability to inject malicious scripts that compromise the security and integrity of the site. Real-world scenarios may include attackers exploiting the vulnerability to steal sensitive information, deface web pages, distribute malware, or launch phishing attacks.
Recommendations for Improved Security
To mitigate the risk posed by CVE-2024-1273 and similar vulnerabilities, WordPress site owners should promptly update the Starbox plugin to the latest patched version. Additionally, developers should prioritize implementing robust input validation and output sanitization mechanisms to prevent XSS vulnerabilities in their plugins and themes. Regular security audits and penetration testing can help identify and address potential security flaws before they can be exploited by malicious actors.
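As an added illustration of the output-sanitization recommendation (not code from the Starbox plugin or from the original post), the PHP below renders a stored profile URL into a link with and without escaping, then parses the markup to show which attributes a browser would see. The function names are hypothetical and the sample input is the PoC string from this page; in a WordPress plugin the core helpers esc_url() and esc_attr() take the place of the manual checks shown here.

```php
<?php
// Added example: a hypothetical author-box link renderer, not Starbox code.

// Constructed sample input: the PoC string from this page, as a stored profile URL.
$stored_url = 'http://132" onmouseover=\'alert(1)\'';

// Vulnerable pattern: the stored value is concatenated into the attribute as-is,
// so a double quote in the value ends the href attribute early.
function render_link_unsafe(string $url): string {
    return '<a href="' . $url . '">Website</a>';
}

// Hardened pattern: allow-list the URL scheme, then escape for an HTML attribute.
function render_link_safe(string $url): string {
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        $url = ''; // drop javascript:, data: and unparsable values
    }
    $escaped = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<a href="' . $escaped . '">Website</a>';
}

// Parse the markup with an HTML parser and list the attributes on the <a> element.
function link_attributes(string $html): array {
    $doc = new DOMDocument();
    @$doc->loadHTML($html); // suppress libxml warnings about the fragment
    $attrs = [];
    foreach ($doc->getElementsByTagName('a')->item(0)->attributes as $attr) {
        $attrs[$attr->name] = $attr->value;
    }
    return $attrs;
}

// Unsafe rendering: the parser reports an extra event-handler attribute.
print_r(link_attributes(render_link_unsafe($stored_url)));

// Safe rendering: the whole stored value stays inside href (or href is empty).
print_r(link_attributes(render_link_safe($stored_url)));
```

Comparing the two attribute lists is also a quick regression check for a plugin's templates: any attribute other than the ones the template itself writes means a stored value escaped its quoting.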
By following these recommendations, website administrators can strengthen the security of their WordPress websites and reduce the risk of exploitation through Stored XSS vulnerabilities in plugins like Starbox.
DMITRII I.