CVE-2024-13624 Scanner

CVE-2024-13624 Scanner - Cross-Site Scripting (XSS) vulnerability in WordPress WPMovieLibrary Plugin

Short Info

Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 10 days
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

The WordPress WPMovieLibrary plugin is designed to simplify the management and presentation of movie collections directly within WordPress websites. Widely used by bloggers, movie enthusiasts, and entertainment-focused websites, it enables easy integration and organization of films, metadata, and reviews. Users rely on this plugin to showcase extensive movie libraries with detailed descriptions, ratings, and interactive functionalities. Administrators appreciate its ability to dynamically manage and categorize content, enriching user engagement through customizable presentation options. It significantly enhances content presentation, creating engaging movie review sections or recommendation systems. Its ease of use, integration, and intuitive interface contribute to its widespread adoption in entertainment and media-focused web environments.

This Cross-Site Scripting (XSS) vulnerability in the WPMovieLibrary plugin arises from improper sanitization of user-supplied input in the 'dir' parameter. The vulnerability specifically impacts the administrative page for file browsing within the WordPress backend. Attackers can exploit this flaw by crafting malicious URLs containing JavaScript code that executes when an administrator opens the manipulated URL. Exploitation involves reflecting attacker-supplied scripts directly into the victim's browser, enabling attackers to run arbitrary JavaScript code. The vulnerability affects all versions up to and including version 2.1.4.8. Because exploitation typically depends on administrator interaction, social engineering is commonly involved in successful attacks.

The vulnerable code path is the administrative endpoint at '/wp-admin/admin.php?page=wpmovielibrary', specifically its handling of the 'dir' parameter. The plugin reflects user input directly into HTML without escaping or adequate sanitization. Attackers can exploit this endpoint by sending crafted GET requests with specially encoded malicious JavaScript payloads. For instance, injecting payloads such as '">' into the vulnerable parameter results in client-side script execution. This reflection vulnerability allows arbitrary JavaScript execution in the context of the authenticated administrator’s browser. As a result, attackers can compromise administrator sessions and potentially escalate privileges.

Exploitation of this vulnerability could lead to severe outcomes, including hijacking of administrative sessions and unauthorized access to sensitive data. Malicious scripts executed in administrators' browsers can steal session cookies, credentials, or perform unauthorized actions in the administrative panel. Additionally, attackers might redirect users to malicious sites, perform phishing attacks, or deface website content. Such attacks significantly harm user trust, damage website credibility, and pose legal or compliance-related issues. Overall, the vulnerability severely threatens both data security and website operational integrity.
