October 23, 2023
Severity
Medium
Analysis Summary
CVE-2023-5070 CVSS:6.5
Social Media Share Buttons & Social Sharing Icons plugin for WordPress could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the sfsi_save_export function. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-5071 CVSS:6.4
Sitekit plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the sitekit_iframe shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5086 CVSS:6.4
Copy Anything to Clipboard plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the copy shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5120 CVSS:5.5
WPvivid Backup & Migration plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the admin settings. A remote authenticated attacker could exploit this vulnerability using the image file path parameter to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5109 CVSS:6.4
WP Mailto Links plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the wpml_mailto shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5121 CVSS:5.5
WPvivid Backup & Migration plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the admin settings. A remote authenticated attacker could exploit this vulnerability using the backup path parameter to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5200 CVSS:6.4
FlowPaper plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the flipbook shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5231 CVSS:6.4
Magic Action Box plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5292 CVSS:6.4
Advanced Custom Fields: Extended plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the acfe_form shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5308 CVSS:6.4
Podcast Subscribe Buttons plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the podcast_subscribe shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-5337 CVSS:6.4
Contact Form For All plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the formforall shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
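The shortcode cross-site scripting entries above share one root cause: attribute values written into markup without validation or output escaping. The following is an added example, not code from any plugin named in this advisory; the `example_embed` shortcode and both handler names are hypothetical, and it assumes it runs inside WordPress, which provides `shortcode_atts`, `esc_url`, `esc_attr`, `absint` and `add_shortcode`.

```php
<?php
// Added example: a hypothetical [example_embed] shortcode for a WordPress
// plugin. It is not code from any plugin listed in this advisory.

// Before: attribute values are concatenated into the markup as supplied, so
// whoever writes the post content also controls the HTML that is rendered.
function example_embed_unescaped( $atts ) {
	$atts = shortcode_atts( array( 'src' => '', 'title' => '' ), $atts );
	return '<iframe src="' . $atts['src'] . '" title="' . $atts['title'] . '"></iframe>';
}

// After: each attribute is validated for the context it lands in and
// escaped at the point of output.
function example_embed_escaped( $atts ) {
	$atts = shortcode_atts(
		array( 'src' => '', 'title' => '', 'height' => '400' ),
		$atts,
		'example_embed'
	);

	// esc_url() returns '' for schemes outside the allow-list, so an empty
	// result is treated as a rejected attribute and nothing is rendered.
	$src = esc_url( $atts['src'], array( 'http', 'https' ) );
	if ( '' === $src ) {
		return '';
	}

	// Numeric attributes are cast to integers, never echoed as strings.
	$height = min( absint( $atts['height'] ), 2000 );

	return sprintf(
		'<iframe src="%s" title="%s" height="%d"></iframe>',
		$src,
		esc_attr( $atts['title'] ),
		$height
	);
}

// Register only the escaped handler.
add_shortcode( 'example_embed', 'example_embed_escaped' );
```

When reviewing a plugin, every value that comes out of `shortcode_atts` should pass through a context-appropriate escaping function before it reaches the returned string.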
CVE-2023-5414 CVSS:4.9
Icegram Express plugin for WordPress could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user requests by the show_es_logs function. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.
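The directory traversal entry above comes down to a file name from the request being joined to a base directory without checking where the result points. The following is an added example of the containment check that prevents this, not Icegram Express code; the function name `example_read_log`, the `.log` extension rule and the sample files are assumptions constructed for illustration.

```php
<?php
// Added example: hypothetical log reader, not Icegram Express code.
// $requested stands for a file name taken from the request.
function example_read_log( string $log_dir, string $requested ): ?string {
	$base = realpath( $log_dir );
	if ( false === $base ) {
		return null;
	}
	$base = rtrim( $base, DIRECTORY_SEPARATOR ) . DIRECTORY_SEPARATOR;

	// realpath() collapses ../ and follows symlinks; it returns false when
	// the target does not exist.
	$path = realpath( $base . $requested );
	if ( false === $path || ! is_file( $path ) ) {
		return null;
	}

	// Containment check on the resolved path. The trailing separator on
	// $base keeps a sibling such as /logs-old from matching /logs.
	if ( 0 !== strncmp( $path, $base, strlen( $base ) ) ) {
		return null;
	}

	// Only serve the file type this feature is meant to expose.
	if ( 'log' !== strtolower( pathinfo( $path, PATHINFO_EXTENSION ) ) ) {
		return null;
	}

	$data = file_get_contents( $path );
	return false === $data ? null : $data;
}

// Constructed demo: a temporary log directory with a non-log file beside it.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'example_' . bin2hex( random_bytes( 4 ) );
mkdir( $root . DIRECTORY_SEPARATOR . 'logs', 0700, true );
file_put_contents( $root . '/logs/mail.log', "sent ok\n" );
file_put_contents( $root . '/settings.txt', "constructed sample\n" );

// First call names a file inside the log directory; the second resolves outside it.
var_dump( example_read_log( $root . '/logs', 'mail.log' ) );
var_dump( example_read_log( $root . '/logs', '../settings.txt' ) );
```

The comparison is made on the resolved path rather than on the raw request string, so encoded or nested "dot dot" sequences are handled by the same check.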
Impact
- Cross-Site Scripting
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-5070
- CVE-2023-5071
- CVE-2023-5086
- CVE-2023-5120
- CVE-2023-5109
- CVE-2023-5121
- CVE-2023-5200
- CVE-2023-5231
- CVE-2023-5292
- CVE-2023-5308
- CVE-2023-5337
- CVE-2023-5414
Affected Vendors
WordPress
Affected Products
- UltimatelySocial Social Media Share Buttons & Social Sharing Icons plugin for WordPress 2.8.5
- webvitaly Sitekit plugin for WordPress 1.4
- Mahesh M. Waghmare Copy Anything to Clipboard plugin for WordPress 2.6.4
- WPvivid Team WPvivid Backup & Migration plugin for WordPress 0.9.89
- Ironikus WP Mailto Links plugin for WordPress 3.1.3
- Devaldi Ltd flowpaper plugin for WordPress 2.0.3
- LLC Magic Action Box plugin for WordPress 2.17.2
- ACF Extended Advanced Custom Fields: Extended plugin for WordPress 0.8.9.3
- SecondLine Themes Podcast Subscribe Buttons plugin for WordPress 1.4.8
- FormForAll Contact form Form For All plugin for WordPress 1.2
- Icegram Express plugin for WordPress 5.6.23
Remediation
Refer to WordPress Plugin Directory for patch, upgrade or suggested workaround information.