S4E

CVE-2023-3169 Scanner

CVE-2023-3169 Scanner - Cross-Site Scripting (XSS) vulnerability in tagDiv Composer

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 22 days 15 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

The tagDiv Composer is a popular WordPress plugin used for page building and design. Developed by tagDiv, it allows users to customize their websites with ease, providing various elements and features that enhance web aesthetics and functionality. Being widely used for WordPress sites, this plugin greatly aids bloggers, content creators, and website administrators in building visually appealing pages without extensive coding knowledge. Its high adoption rate underscores its importance in the WordPress community. However, like many plugins, maintaining its security is crucial to prevent exploitation. Regular updates and vigilant monitoring are essential for ensuring its integrity.

Cross-Site Scripting (XSS) is a prevalent vulnerability found in web applications, including WordPress plugins. It allows attackers to inject malicious scripts into web pages viewed by other users. Stored XSS, specifically, involves injecting scripts that are stored on the server and subsequently executed upon access by a user, leading to severe security implications. This vulnerability in tagDiv Composer arises from inadequate validation of user input at the /wp-json/tdw/save_css endpoint. Untrusted scripts can be embedded in website content, affecting multiple users. Such vulnerabilities can be exploited to execute arbitrary scripts in the context of a user's session.

In tagDiv Composer, the vulnerability is located at the /wp-json/tdw/save_css endpoint. An attack is launched by submitting malicious JavaScript in the compiled_css parameter. The application stores this input, and the script runs each time the vulnerable component is loaded, putting users at risk. Combined with other vulnerabilities, it can form part of a larger attack chain. The endpoint fails to validate and sanitize its input, so crafted payloads are stored by the site and execute as arbitrary JavaScript in the browsers of users visiting affected pages.
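As an added example, written for this page and not taken from tagDiv's plugin code or from the S4E scanner, the Python below shows the defensive side of the problem just described: a validator that refuses any compiled_css value able to terminate a style context before it is stored or emitted, and a log-triage routine that lists accepted write requests to /wp-json/tdw/save_css. The endpoint path and parameter name come from the page; the assumption that the stored CSS is rendered inside a `<style>` element, the function names, and the access-log lines are constructed for this example.

```python
"""Defensive checks for a 'save CSS' style endpoint.

Added example (not tagDiv or S4E code). The page describes a stored XSS where
attacker-controlled text submitted as the compiled_css parameter of
/wp-json/tdw/save_css is later written into a page. Text placed inside a
<style> element cannot be HTML-escaped (the browser does not decode entities
there), so the safe options are to reject anything that can end the style
context and to enforce authorization on the endpoint. This module shows the
validation half and a log-triage routine for defenders.
"""
import re
from dataclasses import dataclass

# Anything that can end a <style> context or smuggle non-CSS behaviour in.
# '<' covers the '</style' and '<!--' breakouts; the remaining tokens are
# legacy or active-content CSS features a compiled stylesheet should not need.
# Trade-off: a legitimate rule such as  content: "<"  is also refused.
_FORBIDDEN = re.compile(
    r"<|@import\b|@charset\b|expression\s*\(|javascript\s*:|-moz-binding\b|behavior\s*:",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class CssVerdict:
    ok: bool
    reason: str


def check_compiled_css(css: str, max_len: int = 200_000) -> CssVerdict:
    """Return whether `css` is acceptable for storage and later <style> output."""
    if len(css) > max_len:
        return CssVerdict(False, "too long")
    m = _FORBIDDEN.search(css)
    if m:
        return CssVerdict(False, f"forbidden token {m.group(0)!r} at offset {m.start()}")
    # A compiled stylesheet must have balanced braces; anything else is not CSS.
    depth = 0
    for ch in css:
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth < 0:
                return CssVerdict(False, "unbalanced braces")
    if depth != 0:
        return CssVerdict(False, "unbalanced braces")
    return CssVerdict(True, "ok")


def render_style_block(css: str) -> str:
    """Emit CSS inside <style>, refusing anything that failed the check."""
    verdict = check_compiled_css(css)
    if not verdict.ok:
        raise ValueError(f"refusing to store/emit CSS: {verdict.reason}")
    return f"<style>{css}</style>"


# --- log triage -------------------------------------------------------------
# Constructed Apache combined-format lines for the example (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Aug/2023:12:00:01 +0000] "GET /wp-json/tdw/save_css HTTP/1.1" 200 15 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Aug/2023:12:00:02 +0000] "POST /wp-json/tdw/save_css HTTP/1.1" 200 42 "-" "python-requests/2.31"
203.0.113.9 - - [10/Aug/2023:12:00:03 +0000] "POST /wp-json/wp/v2/posts HTTP/1.1" 201 99 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Aug/2023:12:00:04 +0000] "POST /wp-json/tdw/save_css HTTP/1.1" 403 12 "-" "python-requests/2.31"
"""

_LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')


def find_save_css_writes(log_text: str, endpoint: str = "/wp-json/tdw/save_css") -> list:
    """Return accepted (2xx) write requests to the save_css endpoint, with source IP."""
    hits = []
    for line in log_text.splitlines():
        m = _LOG_RE.match(line)
        if not m:
            continue
        ip, ts, method, path, status = m.groups()
        if path.split("?")[0] == endpoint and method in ("POST", "PUT") and status.startswith("2"):
            hits.append({"ip": ip, "time": ts, "method": method, "status": int(status)})
    return hits


if __name__ == "__main__":
    for sample in ("body { color: red; }", "body{}</style>", "@import url(x.css); a{}"):
        print(repr(sample), "->", check_compiled_css(sample))
    for hit in find_save_css_writes(SAMPLE_LOG):
        print("accepted write to save_css:", hit)
```

In a WordPress plugin the counterpart of these checks is the route's permission_callback in register_rest_route, which should require a capability such as edit_theme_options before any CSS is accepted; the validator above shows what the sanitization layer must additionally enforce, because output escaping does not apply inside a style element. The triage routine is meant for reviewing access logs after a scanner flags the endpoint: accepted write requests from unexpected clients are the events worth examining.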

Exploiting this vulnerability could lead to unauthorized JavaScript execution in users' browsers, allowing attackers to steal session cookies or manipulate DOM elements. This can in turn result in hijacked user sessions, altered web content, or users redirected to malicious sites. The impact grows with the number of affected users and can become site-wide. Exploitation may also extend to gaining further privileges within the WordPress environment. Such a breach could manifest as data theft, defacement, or the injection of further malicious elements, leading to significant reputational and operational damage.
