CVE-2024-47326
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Share This Image share-this-image allows Reflected XSS. This issue affects Share This Image: from n/a through <= 2.01.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Reflected XSS in Share This Image plugin (≤2.01) allows script injection via unvalidated input, with a CVSS v3 score of 7.1.
Vulnerability Overview
CVE-2024-47326 is a reflected cross-site scripting (XSS) vulnerability in the ILLID Share This Image plugin for WordPress, affecting versions up to and including 2.01 [1]. The issue arises from improper neutralization of user-supplied input during web page generation, allowing an attacker to inject arbitrary HTML and JavaScript into a response [1].
Exploitation Requirements
To exploit this vulnerability, an attacker must trick a privileged user (e.g., an administrator) into clicking a crafted link or visiting a specially prepared web page [1]. No authentication is required for the attacker, but successful exploitation depends on user interaction by a victim who has the necessary privileges [1]. The attack vector is over the network, and the attacker does not need special network position [1].
Impact
Successful exploitation could allow the attacker to inject malicious scripts, such as redirects, advertisements, or other HTML payloads, which execute when other users visit the affected site [1]. This can lead to session hijacking, defacement, or further compromise of the WordPress installation [1]. The CVSS v3 base score is 7.1 (High), reflecting the potential for moderate damage with user interaction required [1].
Mitigation
The vulnerability is remediated in version 2.02 of the plugin [1]. Users are advised to update immediately. If an update is not possible, Patchstack provides a mitigation rule to block attacks until the plugin can be updated [1]. Given that this type of vulnerability is expected to be incorporated into mass-exploit campaigns, prompt action is recommended [1].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <= 2.01
Patches
No patches discovered yet.
References
1
News mentions
No linked articles in our index yet.