Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-41867 CVSS:7.1

AcyMailing SMTP Newsletter Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-41868 CVSS:7.1

Stagtools Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-5162 CVSS:6.4

Options for Twenty Seventeen Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the ‘social-links’ shortcode to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-41863 CVSS:7.1

PeproDev CF7 Database Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute a script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-5135 CVSS:6.4

Simple Cloudflare Turnstile Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the ‘gravity-simple-turnstile’ shortcode to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-5161 CVSS:6.4

Modal Window plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-4281 CVSS:5.3

Activity Log Plugin for WordPress could allow a remote attacker to conduct spoofing attacks, caused by untrusted HTTP header. An attacker could exploit this vulnerability to retrieve the IP address of the request, which could lead to IP spoofing.

Impact

• Cross-Site Scripting
• Gain Access

Indicators Of Compromise

CVE

• CVE-2023-41179 

Affected Vendors

WordPress

Affected Products

• AcyMailing SMTP Newsletter Plugin for WordPress 8.6.2
• Stagtools Plugin for WordPress 2.3.7
• Options for Twenty Seventeen Plugin for WordPress 1.23.2
• PeproDev CF7 Database Plugin for WordPress 1.7.0
• Simple Cloudflare Turnstile Plugin for WordPress 1.23.2
• Modal Window Plugin for WordPress 5.3.5
• Activity Log Plugin for WordPress 2.8.7

Remediation

Upgrade to the latest version of Activity Log Plugin, available from the WordPress Plugin Directory. 

CVE-2023-41867

CVE-2023-41868

CVE-2023-5162

CVE-2023-41863

CVE-2023-5135

CVE-2023-5161

CVE-2023-4281