CVE-2024-13121 – ProfilePress – Stored XSS to JS Backdoor Creation – POC

CVE-2024-13121 – ProfilePress – Stored XSS to JS Backdoor Creation – POC

ProfilePress is a popular WordPress plugin that enables site administrators to easily manage user profiles, registration forms, and member directories. However, a critical Stored Cross-Site Scripting (XSS) vulnerability, CVE-2024-13121, has been discovered within the plugin. This vulnerability allows attackers with editor-level access to inject malicious JavaScript into the “Search Filter Fields Text” setting in the Member Directory. The injected script is stored and later executed, which could lead to account takeover and the creation of backdoor admin accounts. With over 200,000 active installations, this vulnerability represents a significant risk to websites using ProfilePress.

CVE-2024-13120 – ProfilePress – Stored XSS to JS Backdoor Creation – POC

CVE-2024-13120 – ProfilePress – Stored XSS to JS Backdoor Creation – POC

ProfilePress is a widely used WordPress plugin that allows website administrators to easily manage user profiles, registration, and login processes. However, a critical Stored Cross-Site Scripting (XSS) vulnerability has been identified in the plugin, CVE-2024-13120. This flaw allows attackers with editor-level access to inject malicious JavaScript code into the “Description” field of the “Remember me” block in the Drag & Drop Form settings. The injected script can then be executed, leading to the creation of a backdoor admin account or other malicious activities. This vulnerability affects over 200,000 active installations, posing a significant risk to websites using ProfilePress.

CVE-2024-13119 – ProfilePress – Stored XSS to JS Backdoor Creation – POC

CVE-2024-13119 – ProfilePress – Stored XSS to JS Backdoor Creation – POC

ProfilePress is a popular WordPress plugin that provides user profile and membership management features. However, CVE-2024-13119 highlights a critical Stored Cross-Site Scripting (XSS) vulnerability that allows attackers to inject malicious JavaScript into the plugin’s settings. This vulnerability can be exploited by attackers with editor-level access to inject JavaScript into the “Title” field in the Member Directory settings. When the settings are saved, the malicious code is stored in the WordPress database and executed when the directory is rendered. This flaw enables attackers to create a backdoor, potentially giving them full control of the site. With over 200,000 active installations, this vulnerability poses a serious risk to websites using ProfilePress.

Malicious PHP snippets in WPCode

Malicious PHP snippets in WPCode

During the analysis and treatment of the infected site, malicious code was found embedded in the Code Snippets plugin. The main function of the malicious code was to redirect users once upon their first visit to the site, as well as to hide the plugin’s management form in the WordPress admin panel. This makes it difficult to detect the threat and increases the likelihood of a long-term presence of malicious code on a web resource.

This type of infection is quite common in the WordPress environment and causes a lot of inconvenience to website owners. Its main functionality is related to hiding malicious code and redirects on the website.

CVE-2024-4002 – Carousel, Slider, Gallery by WP Carousel – Stored XSS to JS Backdoor Creation – POC

CVE-2024-4002 – Carousel, Slider, Gallery by WP Carousel – Stored XSS to JS Backdoor Creation – POC

Carousel, Slider, Gallery by WP Carousel is a popular WordPress plugin that enables website owners to create interactive carousels, sliders, and galleries. However, a critical Stored Cross-Site Scripting (XSS) vulnerability has been discovered in this plugin, identified as CVE-2024-4002. This vulnerability allows attackers with editor-level access to inject malicious JavaScript into the plugin’s settings, which can then be executed when the carousel is rendered. The malicious script can create a backdoor, enabling attackers to take over admin accounts or perform other malicious actions. With over 50,000 active installations, this flaw presents a significant risk to websites using WP Carousel.

Plugin Security Certification (PSC-2025-64552): “Breadcrumb NavXT” – Version 7.4.1: Use Breadcrumb with Enhanced Security

Plugin Security Certification (PSC-2025-64552): “Breadcrumb NavXT” – Version 7.4.1: Use  Breadcrumb with Enhanced Security

Breadcrumb NavXT is a powerful WordPress plugin designed to generate breadcrumb trails for websites, providing users with a clear navigational structure. As the successor to Breadcrumb Navigation XT, it has been completely rebuilt to offer greater customization, performance, and compatibility with modern web standards. The plugin integrates seamlessly with WordPress themes, allowing both administrators and developers to configure breadcrumb settings effortlessly.

CVE-2024-9645 – Post Grid Gutenberg Blocks (Combo Blocks) – Stored XSS to Admin Creation – POC

CVE-2024-9645 – Post Grid Gutenberg Blocks (Combo Blocks) – Stored XSS to Admin Creation – POC

The Post Grid Gutenberg Blocks (Combo Blocks) plugin for WordPress allows users to display posts in a grid format with various customizations, making it a popular choice among WordPress users. However, a critical Stored Cross-Site Scripting (XSS) vulnerability has been discovered in the plugin, identified as CVE-2024-9645. This flaw allows an attacker with contributor-level access to inject malicious JavaScript into the plugin’s shortcode, which can be executed when the post is viewed. The attacker can exploit this vulnerability to create a backdoor admin account, potentially giving them full control of the website. With over 50,000 active installations, this vulnerability presents a significant security risk to sites using this plugin.

CVE-2024-9020 – List Category Posts – Stored XSS to JS Admin Creation – POC

CVE-2024-9020 – List Category Posts – Stored XSS to JS Admin Creation – POC

List Category Posts is a widely used WordPress plugin that allows site owners to display posts from specific categories in a list format. However, CVE-2024-9020 has been identified as a critical Stored Cross-Site Scripting (XSS) vulnerability within the plugin. This vulnerability enables attackers with contributor-level privileges to inject malicious JavaScript into post excerpts, which can lead to the creation of a backdoor admin account. With over 100,000 active installations, this flaw presents a significant security risk for websites using the List Category Posts plugin.

CVE-2024-13314 – Carousel, Slider, Gallery by WP Carousel – Stored XSS to JS Backdoor Creation – POC

CVE-2024-13314 – Carousel, Slider, Gallery by WP Carousel – Stored XSS to JS Backdoor Creation – POC

The WP Carousel plugin is a popular WordPress plugin that allows users to create beautiful image, post, and WooCommerce product carousels effortlessly. With its user-friendly interface and extensive features, it has become a preferred choice for many WordPress site owners. However, a vulnerability (CVE-2024-13314) has been discovered in versions below 2.7.4, allowing attackers to exploit Stored Cross-Site Scripting (XSS), posing a significant security risk.

Plugin Security Certification (PSC-2024-64551): “ManageWP Worker” – Version 4.9.20: Use Management tool with Enhanced Security

Plugin Security Certification (PSC-2024-64551): “ManageWP Worker” – Version 4.9.20: Use Management tool with Enhanced Security

The ManageWP Worker plugin, with over 1 million downloads, is a powerful tool for managing multiple WordPress websites from a single dashboard. It offers features such as automated backups, security monitoring, bulk updates, and website cloning. However, from a security standpoint, plugins with administrative control over multiple sites require strict scrutiny to ensure data integrity and prevent potential exploitation.