A critical security flaw has been uncovered in the Responsive Gallery Grid plugin, tracked as CVE-2024-1664. This vulnerability enables attackers to perform Stored XSS attacks, potentially leading to the creation of JavaScript backdoors and endangering website integrity and security (an attacker who has previously hijacked an administrator or editor account can plant such a backdoor to regain access later).
Main info:

| Field | Value |
| --- | --- |
| CVE | CVE-2024-1664 |
| Plugin | Responsive Gallery Grid < 2.3.11 |
| Criticality | High |
| All Time | 184 684 |
| Active installations | 6 000+ |
| Publicly Published | March 25, 2023 |
| Last Updated | March 25, 2023 |
| Researcher | Dmitrii Ignatyev |
| OWASP TOP-10 | A7: Cross-Site Scripting (XSS) |
| PoC | Yes |
| Exploit | No |
| Reference | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1664, https://wpscan.com/vulnerability/fc3beca7-af38-4ab2-b05f-13b47d042b85/ |
| Plugin Security Certification by CleanTalk | |
Timeline

| Date | Event |
| --- | --- |
| February 9, 2023 | Plugin testing and vulnerability detection in the Responsive Gallery Grid plugin have been completed |
| February 9, 2023 | I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing |
| March 25, 2024 | Registered CVE-2024-1664 |
Discovery of the Vulnerability
During routine testing, a vulnerability was discovered within the Responsive Gallery Grid plugin. This flaw allows malicious actors to embed and execute arbitrary JavaScript code, compromising the security of affected WordPress websites.
Understanding Stored XSS Attacks
Stored XSS (Cross-Site Scripting) vulnerabilities occur when untrusted data is saved by the application and later rendered on a web page without proper sanitization or escaping, allowing attackers to inject malicious scripts. In the case of WordPress plugins like Responsive Gallery Grid, these vulnerabilities can be exploited by attackers to execute arbitrary code within the context of a user's session.
Exploiting the Stored XSS Vulnerability
To exploit CVE-2024-1664, attackers can simply manipulate settings within the Responsive Gallery Grid plugin interface. By injecting malicious JavaScript code into certain fields, they can execute arbitrary scripts, potentially leading to unauthorized access and data breaches.
PoC:
Click on "RGG Gallery", change the Class field to the value " onmouseover='alert(1)' (including the leading double quote), then click Save Settings.
___
The impact of this vulnerability is severe, as it enables attackers to compromise website integrity, steal sensitive data, and even gain unauthorized access to administrative accounts. Furthermore, the creation of JavaScript backdoors poses a significant threat to the long-term security of affected WordPress websites.
Recommendation
To mitigate the risk posed by CVE-2024-1664, WordPress administrators are advised to promptly update the Responsive Gallery Grid plugin to version 2.3.11 or later. Additionally, implementing robust security measures such as regular security audits, web application firewalls, and content security policies can help prevent and detect potential XSS vulnerabilities in plugins and themes.
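As an added, defender-side illustration (not code from the plugin or its author), the pattern behind this class of bug and the usual WordPress-style fix, assuming the Class setting is printed into a class="..." attribute of the gallery markup (consistent with the PoC value opening with a double quote); the rgg_* names are placeholders, and the two polyfills only approximate the real WordPress functions so the script runs stand-alone:

```php
<?php
// Added example, not the plugin's own code. Assumption: the "Class" setting
// is printed into a class="..." attribute. The rgg_* names are hypothetical.

// Polyfills so this runs stand-alone with the PHP CLI; inside WordPress the
// real sanitize_html_class()/esc_attr() exist and these blocks are skipped.
if (!function_exists('sanitize_html_class')) {
    function sanitize_html_class($class, $fallback = '') {
        $clean = preg_replace('/[^A-Za-z0-9_-]/', '', (string) $class);
        return $clean === '' ? $fallback : $clean;
    }
}
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    }
}

// Vulnerable pattern: the stored option is trusted and concatenated raw, so a
// value starting with a double quote closes the attribute and adds its own.
function rgg_render_vulnerable(string $class): string
{
    return '<div class="rgg-gallery ' . $class . '">...</div>';
}

// Fix, layer 1 (on save): allowlist each space-separated token to the
// characters a CSS class may contain. In WordPress, register this function
// as the sanitize_callback of register_setting() for the option.
function rgg_sanitize_class_option(string $raw): string
{
    $tokens = preg_split('/\s+/', trim($raw));
    $clean  = array_filter(array_map('sanitize_html_class', $tokens), 'strlen');
    return implode(' ', $clean);
}

// Fix, layer 2 (on output): escape for the attribute context. This alone
// keeps the PoC value inside the quotes; sanitizing on save is defence in
// depth for any other template that prints the same option.
function rgg_render_hardened(string $stored): string
{
    return '<div class="rgg-gallery ' . esc_attr($stored) . '">...</div>';
}

// Constructed input: the PoC value from this advisory.
$payload = "\" onmouseover='alert(1)'";
echo 'Vulnerable:          ' . rgg_render_vulnerable($payload) . PHP_EOL;
echo 'Escaped only:        ' . rgg_render_hardened($payload) . PHP_EOL;
echo 'Sanitized + escaped: ' . rgg_render_hardened(rgg_sanitize_class_option($payload)) . PHP_EOL;
```

Running it side by side shows the raw render breaking out of the attribute, while both hardened renders leave the value as inert class text.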
Stay vigilant and proactive in safeguarding your WordPress site against emerging threats like CVE-2024-1664. Your website’s security is paramount, so take action now to prevent potential exploitation.
#WordPressSecurity #StoredXSS #WebsiteSafety #StayProtected #HighVulnerability
Use CleanTalk solutions to improve the security of your website
DMITRII I.