CVE-2024-6639

The MDx WordPress theme, up to version 2.0.3, contains a stored cross-site scripting (XSS) vulnerability in its 'mdx_list_item' shortcode. The root cause is insufficient input sanitization and output escaping on user-supplied attributes, allowing malicious HTML or JavaScript to be stored in the database [1].

An attacker must have at least contributor-level access to the WordPress site to exploit this vulnerability. By crafting a post or page containing the vulnerable shortcode with a malicious attribute, the injected script is stored and executed whenever any user views the affected page [1].

Successful exploitation enables the attacker to execute arbitrary web scripts in the context of the victim's browser. This can lead to session hijacking, defacement, or redirection to malicious sites, compromising the integrity and confidentiality of the WordPress installation [1].

The vulnerability has been patched in a commit that applies esc_html() and esc_attr() to shortcode attributes [1]. Users should update the MDx theme to a version later than 2.0.3 to mitigate the risk [2].