A critical vulnerability, CVE-2024-2309, has been discovered in the WP Staging WordPress plugin, exposing websites to Stored Cross-Site Scripting (XSS) attacks. This flaw allows attackers to execute malicious scripts, potentially leading to the creation of JavaScript backdoors and compromising website integrity. Immediate action is advised to mitigate the risk. This vulnerability allows malicious actors to execute Stored XSS attacks, potentially leading to the creation of JavaScript backdoors, compromising website integrity. (if an attacker has previously hijacked an administrator or editor account, he can plant a backdoor to regain access back).
Main info:
| CVE | CVE-2024-2309 |
| Plugin | WP Staging (Free < 3.4.0, Pro < 5.4.0) |
| Critical | High |
| All Time | 3 127 121 |
| Active installations | 90 000+ |
| Publicly Published | March 25, 2023 |
| Last Updated | March 25, 2023 |
| Researcher | Dmtirii Ignatyev |
| OWASP TOP-10 | A7: Cross-Site Scripting (XSS) |
| PoC | Yes |
| Exploit | No |
| Reference | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2309 https://wpscan.com/vulnerability/a4152818-1e07-46a7-aec4-70f1a1b579a6/ |
| Plugin Security Certification by CleanTalk |  |
Timeline
| February 16, 2023 | Plugin testing and vulnerability detection in the WP Staging plugin have been completed |
| February 16, 2023 | I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing |
| March 25, 2024 | Registered CVE-2024-2309 |
Discovery of the Vulnerability
During routine security testing of the WP Staging plugin, security researchers uncovered a vulnerability that enables attackers to execute Stored XSS attacks. By embedding malicious scripts in certain plugin settings, attackers can exploit this flaw to compromise website security.
Understanding of Stored XSS attack’s
Stored Cross-Site Scripting (XSS) vulnerabilities occur when user-supplied data is improperly stored and later executed within the context of a web application. In WordPress, this often involves injecting malicious scripts into plugin settings or user-generated content, which can then be executed by unsuspecting users.
Exploiting the Stored XSS Vulnerability
To exploit CVE-2024-2309, attackers can navigate to the “Backup & Migration” section of the WP Staging plugin and manipulate the “Backup Name” field to include malicious script code. This code is then executed when the compromised settings are accessed, leading to potential account takeover or backdoor creation.
POC:
You should click on “Backup & Migration” and change “Backup Name” field to (123123″ onmouseover=’alert(1)’) -> Save
___
The exploitation of this vulnerability poses significant risks to website owners and users. Attackers can use the stored XSS attack vector to steal sensitive information, perform unauthorized actions, or even distribute malware. Real-world scenarios include compromised admin accounts, defaced websites, and data breaches.
Recommendation
To mitigate the risk associated with CVE-2024-2309, website administrators are advised to update the WP Staging plugin to the latest patched version immediately. Additionally, implementing strict input validation and output encoding practices can help prevent XSS vulnerabilities. Regular security audits and monitoring can also help detect and address security issues proactively.
Stay vigilant and proactive in safeguarding your WordPress site against emerging threats like CVE-2024-2309. Your website’s security is paramount, so take action now to prevent potential exploitation.
#WordPressSecurity #StoredXSS #WebsiteSafety #StayProtected #HighVulnerability
Use CleanTalk solutions to improve the security of your website
DMITRII I.
