CVE-2023-32966

Overview

The Jazz Popups plugin for WordPress versions up to 1.8.7 contains a Cross-Site Request Forgery (CSRF) vulnerability that can lead to Stored Cross-Site Scripting (XSS) [1]. This means an attacker can trick a privileged user into unknowingly performing actions that result in malicious script injection.

Exploitation

To exploit this vulnerability, an attacker must craft a malicious link or form and persuade an authenticated administrator or editor to click it or submit it. No authentication is needed for the attacker, but the victim must have sufficient privileges to create or edit popups. The CSRF flaw allows the attacker to forge requests on behalf of the victim, bypassing same-origin protections.

Impact

Successful exploitation enables the attacker to inject arbitrary JavaScript into popup content, which is then stored and executed when other users view the page. This can lead to session hijacking, defacement, or redirection to malicious sites. The CVSS score is 5.4 (Medium), indicating moderate severity with potential for widespread abuse in mass-exploit campaigns [1].

Mitigation

The vulnerability is patched in version 1.8.8 or later. Users are strongly advised to update immediately. If updating is not possible, consider disabling the plugin or implementing Web Application Firewall (WAF) rules to block suspicious requests. No workaround is provided in the advisory [1].