Complianz WordPress GDPR Compliance Plugin Vulnerability

A popular WordPress privacy compliance plugin with over 800,000 installations recently patched a stored cross-site scripting (XSS) vulnerability that could allow a privileged attacker to plant malicious scripts in the plugin's settings and have them run in the browsers of site visitors.

Complianz | GDPR/CCPA Cookie Consent WordPress Plugin

The Complianz plugin for WordPress helps website owners comply with privacy regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

The plugin manages multiple facets of user privacy, including blocking third-party cookies, managing cookie consent (including by sub-region), and managing various aspects related to cookie banners.

Its versatility and usefulness explain the popularity of the tool, which currently has more than 800,000 installations.

Stored XSS vulnerability in the Complianz plugin
</gml_replace>
<gr_replace lines="17" cat="clarify" orig="The Complianz WordPress plugin">
The Complianz WordPress plugin was found to contain a stored XSS vulnerability. In a stored XSS attack the malicious script is written into data the site persists (here, a plugin settings field) and is then served by the site itself to everyone who loads the affected page. Unlike reflected XSS, which requires a victim to follow a crafted link, stored XSS needs no interaction from the victim beyond visiting the page.

The Complianz WordPress plugin was discovered to have a stored XSS vulnerability, which is a type of vulnerability that allows a user to upload a malicious script directly to a website’s server. Unlike reflected XSS, which requires a website user to click on a link, stored XSS involves a malicious script stored and published from the target website’s server.

The vulnerability is in Complianz's administration settings and stems from the absence of two controls.

1. Input sanitization
The plugin did not sufficiently sanitize input or escape output. Input sanitization is the standard practice of checking what is submitted to a website, such as the contents of a form field, to ensure it is what is expected; for a field meant to hold plain text, that means stripping markup rather than storing a script tag.

The official WordPress Developer Guide describes data sanitization as follows:

“Input sanitization is the process of securing/cleaning/filtering input data. Validation is preferred over sanitization because validation is more specific. But when “more specific” is not possible, sanitization is the best thing.”

2. Output escaping
The plugin also lacked output escaping, the practice of encoding a value at the point where it is written into a page (for example converting < to &lt; in HTML, or " to &quot; inside an attribute) so that the browser treats it as data rather than as markup or script.
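The two controls above, shown together in a minimal WordPress settings field. This is an added example and is not code from the Complianz plugin or from Wordfence; it assumes it is loaded inside WordPress (so `register_setting`, `esc_attr` and friends exist), and every `xmpl_` name, the option name and the page slug are hypothetical.

```php
<?php
/*
 * Plugin Name: XMPL Banner (added example, not Complianz code)
 * Assumes WordPress is loaded; all xmpl_ identifiers are hypothetical.
 */

const XMPL_OPTION = 'xmpl_banner_text'; // hypothetical option name

/* 1. Input sanitization.
 * register_setting() attaches a sanitize_callback that WordPress runs on every
 * save through wp-admin/options.php, so the stored value never carries markup
 * regardless of which form or request submitted it. */
add_action( 'admin_init', function () {
	register_setting(
		'xmpl_settings_group',
		XMPL_OPTION,
		array(
			'type'              => 'string',
			'sanitize_callback' => 'xmpl_sanitize_banner_text',
			'default'           => '',
		)
	);
} );

/* A plain-text field should never hold tags: sanitize_text_field() strips
 * tags, invalid octets and surrounding whitespace. */
function xmpl_sanitize_banner_text( $value ) {
	return sanitize_text_field( (string) $value );
}

/* Variant for a field where limited HTML is a feature. Raw markup is kept
 * only for users who already hold unfiltered_html (on multisite that is the
 * super admin only; DISALLOW_UNFILTERED_HTML removes it everywhere); anyone
 * else is reduced to the post-safe allow-list. */
function xmpl_sanitize_banner_html( $value ) {
	if ( current_user_can( 'unfiltered_html' ) ) {
		return (string) $value;
	}
	return wp_kses_post( (string) $value );
}

/* 2. Output escaping, done at the point of output and for the context the
 * value lands in. Sanitizing on save is not enough on its own: the option may
 * have been written before the sanitizer existed or by another plugin. */
function xmpl_render_field() {
	$value = get_option( XMPL_OPTION, '' );

	// Vulnerable form (missing escape). A stored value beginning with
	// "> closes the attribute and whatever follows is parsed as markup:
	// echo '<input name="' . XMPL_OPTION . '" value="' . $value . '">';

	printf(
		'<input type="text" name="%s" value="%s">',
		esc_attr( XMPL_OPTION ),
		esc_attr( $value )          // attribute context
	);
}

function xmpl_render_banner() {
	$value = get_option( XMPL_OPTION, '' );
	echo '<div class="xmpl-banner">' . esc_html( $value ) . '</div>'; // HTML body context
}

/* Settings page wiring so the example is complete. */
add_action( 'admin_menu', function () {
	add_options_page( 'Banner', 'Banner', 'manage_options', 'xmpl-banner', 'xmpl_render_page' );
} );

function xmpl_render_page() {
	?>
	<div class="wrap">
		<h1>Banner settings</h1>
		<form method="post" action="options.php">
			<?php settings_fields( 'xmpl_settings_group' ); ?>
			<?php xmpl_render_field(); ?>
			<?php submit_button(); ?>
		</form>
	</div>
	<?php
}
```

Drop the file into wp-content/plugins/ and activate it; the field appears under Settings > Banner. The two functions are deliberately independent: a value that slipped past the sanitizer still cannot break out of the attribute or the div, and a reviewer can verify each control on its own.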

How serious is the vulnerability?

The vulnerability requires the attacker to already hold administrator-level or higher permissions, which is why it carries a CVSS score of only 4.4 out of 10 (medium severity).

It also affects only specific types of installations. The reason is the unfiltered_html capability: on a standard single-site install an administrator already has it and can place arbitrary script in posts and pages, so the flaw grants nothing new there. It matters where administrators lack that capability, namely on multisite (where only the super admin holds it) and on sites that have disabled it with the DISALLOW_UNFILTERED_HTML constant.

According to Wordfence:

“This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts into pages that will be executed whenever a user accesses an injected page.

This only affects multisite installations and installations where unfiltered_html has been disabled.”

Update to the latest version

The vulnerability affects Complianz versions 6.5.5 and earlier. Users are advised to upgrade to version 6.5.6 or later.

Read Wordfence's advisory on the vulnerability:

Complianz | GDPR/CCPA Cookie Consent <= 6.5.5: Authenticated Stored Cross-Site Scripting (Admin+) via Settings

About the Author: Ted Simmons

I follow and report the current news trends on Google news.