A stored Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2024-1333, has been found in the “Responsive Pricing Table” WordPress plugin (versions before 5.1.11). A low-privileged user can save a script in one of the plugin's fields; the script is served to everyone who views the rendered pricing table and runs in their browser, and when that viewer is an administrator it can be used to create a new admin account. Such vulnerabilities pose significant risks to website integrity and user security.

Main info:

CVE: CVE-2024-1333
Plugin: Responsive Pricing Table < 5.1.11
Critical: High
All Time (downloads): 458 465
Active installations: 20 000+
Publicly Published: February 20, 2023
Last Updated: February 20, 2023
Researcher: Dmitrii Ignatyev
OWASP TOP-10: A7: Cross-Site Scripting (XSS)
PoC: Yes
Exploit: No
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1333
https://wpscan.com/vulnerability/30546402-03b8-4e18-ad7e-04a6b556ffd7/
Plugin Security Certification by CleanTalk

Timeline

February 5, 2023: Plugin testing and vulnerability detection in the Responsive Pricing Table have been completed
February 5, 2023: I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing
February 20, 2024: Registered CVE-2024-1333

Discovery of the Vulnerability

During routine testing of the plugin, a vulnerability was identified that lets a low-privileged user (the contributor role in the PoC below) carry out a Stored XSS attack. A script placed in one of the plugin's fields is saved together with the pricing table and delivered to every visitor of any page that renders it.

Understanding Stored XSS attacks

A Stored XSS vulnerability lets an attacker persist attacker-controlled markup or script in the application's data store. The payload is then served, and executed, in the browser of every user who opens the affected page, with that user's session and privileges. In WordPress, plugins that save user-supplied values and print them without escaping are a common entry point, as the “Responsive Pricing Table” plugin shows here.

Exploiting the Stored XSS Vulnerability

To exploit the vulnerability, a contributor creates a new pricing table and places the payload in the “CSS classes” field. The field is written into an HTML attribute of the table markup without escaping, so a leading double quote closes the class attribute and the rest of the value becomes a new attribute, for example an event handler. When the table is rendered on a page through its shortcode, the injected handler runs in the viewer's browser; if the viewer is an administrator, the script runs with administrator privileges and can be used to create a new administrator account.

POC:

  1. Click Add New Pricing Table and create a new table. Fill in the form with valid names and put (" onmouseover='EVIL FUNCTION HERE') into the “CSS classes” field. Then place the table's shortcode in a new post or anywhere else it will be rendered; moving the mouse over the table element triggers the injected handler.

___

Successful exploitation can have severe consequences. The script runs with the privileges of whoever views the page, so an administrator's visit can be turned into unauthorized administrative access, allowing the attacker to manipulate website content, steal sensitive information, or carry out further malicious activity undetected.

Recommendations for Improved Security

To mitigate the risk posed by CVE-2024-1333, website administrators should promptly update the “Responsive Pricing Table” plugin to version 5.1.11 or later. Plugin developers can prevent this class of bug by validating input on save (for a CSS class field, allowing only tokens that are valid class names) and by escaping every stored value at output for the context it lands in: esc_attr() for HTML attribute values, esc_html() for text nodes, esc_url() for URLs. Regular security audits and monitoring of plugin updates are essential to ensure ongoing protection against emerging threats.
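The attribute-context breakout from the PoC section above, and the output-encoding and input-validation fixes recommended here, as an added example in Python. This is not code from the Responsive Pricing Table plugin: the two render functions, the allowlist filter, the audit routine and the stored-table rows are assumptions written for illustration, and Python's html.escape() stands in for WordPress's esc_attr(). The parser shows what a browser would actually see: in the vulnerable output the payload becomes a real onmouseover attribute, in the hardened output it stays inside the class value.

```python
"""Added example, not code from the Responsive Pricing Table plugin.

Models the "CSS classes" attribute-context Stored XSS from the PoC and the
two fixes recommended in the advisory. The render functions, the allowlist
filter, the audit routine and the sample rows are assumptions for
illustration; html.escape() stands in for WordPress's esc_attr().
"""
import html
import re
from html.parser import HTMLParser


class FirstDivAttrs(HTMLParser):
    """Record the attributes a browser would see on the first <div>."""

    def __init__(self):
        super().__init__()
        self.attrs = None

    def handle_starttag(self, tag, attrs):
        if tag == "div" and self.attrs is None:
            self.attrs = dict(attrs)


def parsed_attrs(markup: str) -> dict:
    parser = FirstDivAttrs()
    parser.feed(markup)
    return parser.attrs or {}


def render_vulnerable(css_classes: str) -> str:
    # Pre-fix pattern described in the advisory: the stored field is
    # concatenated into the class attribute with no escaping.
    return f'<div class="rpt-table {css_classes}"><span>Basic</span></div>'


def render_hardened(css_classes: str) -> str:
    # Output encoding for attribute context (the esc_attr() equivalent):
    # quotes become entities, so the value can no longer close the attribute.
    safe = html.escape(css_classes, quote=True)
    return f'<div class="rpt-table {safe}"><span>Basic</span></div>'


CLASS_TOKEN = re.compile(r"-?[_a-zA-Z][\w-]*")


def allowlist_css_classes(value: str) -> str:
    # Input validation on save: keep only tokens shaped like CSS class names,
    # silently dropping anything else (quotes, '=', angle brackets).
    return " ".join(t for t in value.split() if CLASS_TOKEN.fullmatch(t))


# Constructed payload in the shape the PoC gives: the leading double quote
# closes class="...", and the remainder becomes a new event-handler attribute.
PAYLOAD = "\" onmouseover='alert(document.cookie)'"

# Constructed stored rows, as an audit of an already-populated site might
# read them from the database (the layout is an assumption).
SAMPLE_ROWS = [
    {"id": 1, "css_classes": "dark-theme highlight_2"},
    {"id": 2, "css_classes": PAYLOAD},
    {"id": 3, "css_classes": "<img src=x onerror=alert(1)>"},
]

# Anything that can terminate an attribute or tag, or that names an event handler.
BREAKOUT = re.compile(r"[\"'<>]|\bon\w+\s*=", re.IGNORECASE)


def audit_stored_values(rows) -> list:
    """Return ids of rows whose css_classes field could break out of an attribute."""
    return [r["id"] for r in rows if BREAKOUT.search(r["css_classes"])]


if __name__ == "__main__":
    print("vulnerable attrs:", parsed_attrs(render_vulnerable(PAYLOAD)))
    print("hardened attrs:  ", parsed_attrs(render_hardened(PAYLOAD)))
    print("allowlisted:     ", repr(allowlist_css_classes(PAYLOAD)))
    print("suspicious rows: ", audit_stored_values(SAMPLE_ROWS))
```

The audit regex is deliberately broad: on a site that was exposed before the update, any row it flags deserves a manual look, because the fix in 5.1.11 only changes how values are rendered from now on and does not clean what a contributor already saved.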

By following these recommendations, website administrators can strengthen the security of their WordPress websites and reduce the risk of exploitation through Stored XSS vulnerabilities in plugins like Responsive Pricing Table.

#WordPressSecurity #StoredXSS #WebsiteSafety #StayProtected #HighVulnerability


DMITRII I.
CVE-2024-1333 – Responsive Pricing Table – Stored XSS to Admin Account Creation (Author+) – POC
