
CVE-2023-6970 Scanner

CVE-2023-6970 Scanner - Cross-Site Scripting (XSS) vulnerability in WP Recipe Maker

Short Info

Level: Medium

Scan type: Single Scan

Can be used by: Asset Owner

Estimated Time: 10 seconds

Time Interval: 20 days 17 hours

Scan only one: URL


The WP Recipe Maker plugin is widely used by websites running on WordPress to facilitate the creation and management of recipe content. It is favored by food bloggers and culinary websites to display recipes attractively. Users rely on this plugin to enhance user engagement by providing printable versions of recipes. WP Recipe Maker offers numerous features allowing customization of recipe templates and user interaction via ratings and reviews. Due to its popularity, any vulnerability in this plugin can have widespread impact on websites using it. Regular updates and security checks are necessary to maintain the integrity of websites leveraging WP Recipe Maker.

The vulnerability in question is a Reflected Cross-Site Scripting (XSS) flaw that exploits the Referer header. This type of vulnerability occurs when input validation and output sanitization are insufficient, allowing attackers to inject malicious scripts. Such scripts can be executed in the browser of a website visitor, which can lead to session hijacking or website defacement. Being a medium severity vulnerability, it poses a significant risk if left unmitigated. Regular updates, together with input validation and output escaping, help mitigate this type of vulnerability.

The XSS vulnerability in WP Recipe Maker arises from the way the Referer header is handled in the plugin's code. Specifically, the header is inserted into the href attribute on the print page without proper escaping. This flaw allows an attacker to craft a URL that includes malicious JavaScript code in the Referer header. When a victim visits the malicious URL, the script is executed within their browser context. The endpoint vulnerable to this attack is found in the print page feature of the plugin, which is publicly accessible in all versions up to and including 9.1.0.
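
The pattern described above, as an added PHP example that is not WP Recipe Maker's own code: a Referer value concatenated into an href, beside a hardened version that allow-lists scheme and host and then escapes for the attribute context. The function names, the link text, the blog.example host and the sample header values are constructed assumptions.

```php
<?php
// Added illustration; not WP Recipe Maker source. All names are hypothetical.

// Vulnerable pattern: the header value is placed in href with no escaping,
// so a double quote in the value ends the attribute early.
function back_link_vulnerable(string $referer): string
{
    return '<a href="' . $referer . '">Back to recipe</a>';
}

// Hardened pattern: accept only http(s) URLs on the site's own host, fall back
// to a fixed URL otherwise, then HTML-escape the result for an attribute value.
function back_link_hardened(string $referer, string $siteHost, string $fallback): string
{
    $parts  = parse_url($referer);               // false on badly malformed input
    $scheme = is_array($parts) ? strtolower($parts['scheme'] ?? '') : '';
    $host   = is_array($parts) ? strtolower($parts['host'] ?? '') : '';

    $allowed = in_array($scheme, ['http', 'https'], true)
        && $host === strtolower($siteHost);
    $url = $allowed ? $referer : $fallback;

    $escaped = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<a href="' . $escaped . '">Back to recipe</a>';
}

// Constructed sample headers; the markup is harmless and only shows break-out.
$samples = [
    'https://blog.example/recipes/soup/',         // ordinary same-site referrer
    'https://blog.example/"><b>constructed</b>',  // quote closes the attribute
    'javascript:void(0)',                         // non-http scheme, no host
];

foreach ($samples as $referer) {
    echo "Referer:    {$referer}\n";
    echo 'vulnerable: ' . back_link_vulnerable($referer) . "\n";
    echo 'hardened:   '
        . back_link_hardened($referer, 'blog.example', 'https://blog.example/')
        . "\n\n";
}
```

In WordPress code, esc_url() is the built-in helper for URLs placed in HTML attributes.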

If exploited, the described vulnerability can lead to serious consequences such as unauthorized script execution in a victim's browser. This execution can compromise the security of user sessions, leading to potential session hijacking. Attackers might use this flaw to manipulate webpage content, potentially resulting in misleading information display or defacement. Such exploits can severely damage user trust and degrade the prestige of affected websites. Preventive measures include updating the plugin to eliminate the vulnerability.
