
CVE-2024-13543 Scanner

CVE-2024-13543 Scanner - Cross-Site Scripting (XSS) vulnerability in Zarinpal Paid Download

Short Info

Level: Medium

Scan type: Single Scan

Can be used by: Asset Owner

Estimated Time: 10 seconds

Time Interval: 22 days 23 hours

Scan only one: Domain, Subdomain, IPv4

Toolbox

Zarinpal Paid Download is a WordPress plugin used mainly by content creators and businesses that monetize digital content by handling payment processing. Installed on e-commerce sites, it integrates with payment gateways so that customers can pay for and then download files. It is popular among small and medium businesses because it is easy to use and needs minimal configuration. WordPress administrators often deploy it to distribute digital goods. The plugin is valued for its compatibility with many WordPress versions and for the range of payment options it offers customers. It is maintained by the vendor amini7, who releases updates to preserve compatibility and keep transactions secure.

The vulnerability in the Zarinpal Paid Download plugin is a Cross-Site Scripting (XSS) flaw. It arises from inadequate input sanitization and output escaping: when a request parameter is reflected into the page without these defenses, an attacker can inject script that runs in the browser of any user who opens the manipulated link. Because the affected pages can be viewed by high-privilege users such as administrators, the impact can be severe. The principal risk is account compromise through session hijacking.

The root cause is the way the plugin handles certain inputs on its administrative pages. The vulnerable endpoint is one of the admin-interface pages that render URLs, and the missing escaping of user-controlled input allows arbitrary script to be embedded in the page. An attacker can craft a specially formatted URL that triggers script execution when a victim visits it. Exploitation is straightforward and relies on common XSS vectors rather than any novel technique.

If exploited, this vulnerability can have severe consequences, most notably theft of administrative session cookies. With those cookies an attacker can impersonate an administrator and perform arbitrary actions in the WordPress dashboard, leading to data breaches, unauthorized content changes, or full site takeover. Beyond the impact on an individual site, a flaw in a widely installed plugin can be abused at scale for web defacement campaigns or data exfiltration.
