CVE-2024-13098 Scanner

WordPress Email Newsletter is a plugin used with the WordPress content management system for managing email newsletters. It is developed by Megaminds Technologies and serves website administrators to send newsletters directly from their WordPress sites. The plugin is utilized by small to medium-sized businesses and bloggers who wish to maintain direct contact with their audience. It enables administrators to create, send, and track newsletters easily without leaving their WordPress dashboard. Despite its utility, the plugin may be vulnerable to specific attacks if not kept up to date. This makes it important for users to maintain the latest version to secure their sites.

Cross-Site Scripting (XSS) is a vulnerability that allows attackers to inject malicious scripts into webpages viewed by other users. In the context of this plugin, the lack of sanitization and escaping of user input before output leads to the vulnerability. An attacker can craft and share a malicious link which, when accessed by an authenticated user, will execute scripts within their browser. The potential impact includes unauthorized actions or unauthorized data disclosure for high-privileged users. As this vulnerability can be exploited by tricking users into clicking a malicious link, it poses a significant security risk.

The vulnerability resides within a parameter on specific plugin pages where input is not correctly sanitized. The attacker-constructed script is embedded within a URL parameter which is reflected back into the page without adequate escaping. When users with high privileges click on the crafted link, it causes the malicious script to execute. The script can perform actions as the logged-in user or capture sensitive session data, leading to account compromise. This issue reflects a failure in input sanitization practices, particularly on pages accessible from the admin panel.

If exploited, this vulnerability could allow attackers to perform unauthorized actions on behalf of high-privileged users within the WordPress installation. Malicious actions may include changing configurations or exfiltrating sensitive data. There is also a risk of complete account takeover if session information is extracted. Organizations may suffer from data theft and reputational damage if attackers use compromised accounts for further attacks. Admins could additionally experience reduced trust from users if systems are perceived as insecure.

REFERENCES

• https://wpscan.com/vulnerability/eac71f70-993e-4353-8550-affb24c61c02/