A critical vulnerability, CVE-2024-2159, has been uncovered in the Sassy Social Share plugin. The flaw allows attackers to carry out Stored XSS attacks, which can be used to plant JavaScript backdoors and compromise website integrity. If an attacker has previously hijacked an administrator or editor account, they can plant a backdoor to regain access later.
Main info:
CVE | CVE-2024-2159 |
Plugin | Sassy Social Share < 3.3.61 |
Critical | High |
All Time | 5 382 335 |
Active installations | 100 000+ |
Publicly Published | April 10, 2023 |
Last Updated | April 10, 2023 |
Researcher | Dmitrii Ignatyev |
OWASP TOP-10 | A7: Cross-Site Scripting (XSS) |
PoC | Yes |
Exploit | No |
Reference | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2159 https://wpscan.com/vulnerability/d7fa9849-c82a-4efd-84b6-9245053975ba/ |
Timeline
February 22, 2024 | Plugin testing and vulnerability detection in the Sassy Social Share plugin have been completed |
February 22, 2024 | I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing |
April 10, 2024 | Registered CVE-2024-2159 |
Discovery of the Vulnerability
During rigorous plugin testing, researchers uncovered a vulnerability within Sassy Social Share that enables threat actors to inject malicious scripts, paving the way for account takeover and the creation of JavaScript backdoors.
Understanding Stored XSS Attacks
Stored XSS, a potent threat vector, leverages vulnerabilities in web applications to inject and execute malicious scripts within the browser of unsuspecting users. In WordPress, these vulnerabilities often arise from improper input validation or inadequate sanitization of user-generated content, enabling attackers to embed harmful code into posts, comments, or plugin settings.
Exploiting the Stored XSS Vulnerability
Exploitation of CVE-2024-2159 involves crafting payloads, such as malformed shortcode attributes, capable of executing unauthorized JavaScript, enabling backdoor creation and account takeover.
POC:
[Sassy_Social_Share type="floating" url='http://mywebsite.com/example.php"onmouseover="alert(1123123)"' align="right"]
____
This vulnerability poses a significant risk to WordPress websites, potentially resulting in severe consequences such as data theft, defacement, or the distribution of malware. In real-world scenarios, attackers could exploit this flaw to compromise user accounts, steal sensitive information, or launch further attacks against unsuspecting visitors.
Recommendations for Improved Security
To mitigate the risk posed by CVE-2024-2159, website owners are advised to promptly update the Sassy Social Share plugin to the latest version. Additionally, implementing robust security measures, such as regular vulnerability assessments, web application firewalls, and content security policies, can help safeguard against future threats. It is also crucial to educate users about the importance of practicing good cybersecurity hygiene and avoiding suspicious links and attachments.
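As an added example (not from the original post and not the plugin's code), the Python below audits stored post content for Sassy_Social_Share shortcodes whose attribute values carry quote characters, inline event handlers or script-capable URL schemes, the pattern shown in the PoC. The regular expressions only approximate WordPress shortcode attribute parsing, and the sample posts and their IDs are constructed.

```python
import re

# Straighten typographic quotes so pasted or rendered content parses the same way.
CURLY = str.maketrans("\u201c\u201d\u2018\u2019", "\"\"''")
# Shortcode tag as written on the page; attribute string captured up to the closing bracket.
SHORTCODE = re.compile(r"\[Sassy_Social_Share\b([^\]]*)\]", re.IGNORECASE)
# name="value", name='value' or name=bare: an approximation of WordPress attribute parsing.
ATTR = re.compile(r"""([\w-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s'"]+))""")
BREAKOUT = re.compile(r"""["'<>`]""")  # characters that can close an HTML attribute or tag
HANDLER = re.compile(r"""["'\s]on[a-z]+\s*=""", re.IGNORECASE)  # quote or space, then on...=
SCHEME = re.compile(r"^\s*(?:javascript|data|vbscript)\s*:", re.IGNORECASE)


def parse_attrs(raw):
    """Return {name: value} for one shortcode's attribute string."""
    attrs = {}
    for m in ATTR.finditer(raw):
        attrs[m.group(1).lower()] = next(g for g in m.groups()[1:] if g is not None)
    return attrs


def audit(content):
    """Return [(attribute, reason)] for each suspicious shortcode attribute in a post body."""
    findings = []
    for sc in SHORTCODE.finditer(content.translate(CURLY)):
        for name, value in parse_attrs(sc.group(1)).items():
            if BREAKOUT.search(value):
                findings.append((name, "markup-breaking character"))
            if HANDLER.search(value):
                findings.append((name, "inline event handler"))
            if name == "url" and SCHEME.match(value):
                findings.append((name, "script-capable URL scheme"))
    return findings


# Constructed sample posts: one benign, one carrying the PoC pattern from the page.
SAMPLE_POSTS = {
    101: '[Sassy_Social_Share type="floating" url="http://mywebsite.com/example.php?online=1" align="right"]',
    102: "[Sassy_Social_Share type=\"floating\" "
         "url='http://mywebsite.com/example.php\"onmouseover=\"alert(1123123)\"' align=\"right\"]",
}

if __name__ == "__main__":
    for post_id, body in SAMPLE_POSTS.items():
        for attr, reason in audit(body):
            print(f"post {post_id}: attribute '{attr}': {reason}")
```

Run it over an export of the `post_content` column of the `wp_posts` table; any hit deserves manual review of the post and its revision history.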
By taking proactive measures to address Stored XSS vulnerabilities like CVE-2024-2159, WordPress website owners can enhance their security posture and safeguard against potential exploitation. Stay vigilant, stay secure.
DMITRII I.