Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
The LearnPress Export Import – WordPress extension for LearnPress plugin is vulnerable to Reflected Cross-Site Scripting via the 'learnpress_import_form_server' parameter in all versions up to, and including, 4.0.4. This vulnerability is due to insufficient input sanitization and output escaping.
This vulnerability allows unauthenticated attackers to inject arbitrary web scripts into pages that will execute if they can trick a user into performing an action such as clicking on a link. The potential impacts include:
1. Theft of sensitive information: Attackers could steal session cookies or other sensitive data from users' browsers.
2. Unauthorized actions: Malicious scripts could perform actions on behalf of the victim user.
3. Defacement: The attacker could modify the appearance of the web page for targeted users.
4. Malware distribution: The vulnerability could be used to distribute malware to users who interact with the infected page.
The severity is moderate, with a CVSS v3.1 base score of 6.1 (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). This indicates a network-based attack vector, low attack complexity, no privileges required, but user interaction is needed. The scope is changed, with low impacts on confidentiality and integrity, and no impact on availability.
There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.
A patch is available. The vulnerability has been fixed in version 4.0.5 of the LearnPress Export Import plugin. The patch details can be found in the WordPress plugin repository, specifically in the following changesets:
1. https://plugins.trac.wordpress.org/changeset/3186901/learnpress-import-export/trunk/inc/admin/providers/learnpress/class-lp-import-learnpress.php
2. https://plugins.trac.wordpress.org/changeset/3186901/learnpress-import-export/trunk/inc/admin/views/import.php
To mitigate this vulnerability, the following actions are recommended:
1. Update the LearnPress Export Import plugin to version 4.0.5 or later immediately.
2. If immediate updating is not possible, consider temporarily disabling the plugin until it can be updated.
3. Implement strong Content Security Policies (CSP) to mitigate the impact of XSS attacks.
4. Educate users about the risks of clicking on suspicious links, especially those related to the LearnPress plugin functionality.
5. Regularly monitor for any suspicious activities or unauthorized changes on WordPress sites using this plugin.
6. Keep all WordPress core, themes, and other plugins up-to-date to maintain overall security posture.
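To confirm that the first mitigation step has actually been applied on a host, the installed version can be read from the plugin's header comment and compared with the fixed release 4.0.5. The following is an added example, not code from the plugin or from this advisory's source; it assumes the plugin directory is named `learnpress-import-export` (as in the changeset URLs above) and finds the main file by its `Plugin Name:` header, and the sample header is constructed.

```python
import re
from pathlib import Path

PLUGIN_SLUG = "learnpress-import-export"  # assumption: directory name as in the changeset URLs
FIXED = (4, 0, 5)                         # first fixed release per the advisory

NAME_RE = re.compile(r"^[ \t/*#@]*Plugin Name:", re.MULTILINE | re.IGNORECASE)
VERSION_RE = re.compile(r"^[ \t/*#@]*Version:\s*(\S+)", re.MULTILINE | re.IGNORECASE)

# Constructed sample header for demonstration; not the real plugin file.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: Constructed Sample Plugin
 * Version: 4.0.4
 */
"""

def header_version(php_source):
    """Return the Version header of a plugin main file, or None if it is not one."""
    head = php_source[:8192]  # WordPress reads only the first 8 KB for headers
    if not NAME_RE.search(head):
        return None
    m = VERSION_RE.search(head)
    return m.group(1) if m else None

def parse(version):
    """Turn '4.0.4' into (4, 0, 4), padding short versions such as '4.0' with zeros."""
    parts = [int(n) for n in re.findall(r"\d+", version.split("-")[0])]
    return tuple(parts + [0] * (3 - len(parts)))

def is_vulnerable(version):
    """True for every release before 4.0.5 (the advisory: up to and including 4.0.4)."""
    return parse(version) < FIXED

def check_install(plugins_dir):
    """Return (version, vulnerable) for the plugin under plugins_dir, or None if absent."""
    plugin_dir = Path(plugins_dir) / PLUGIN_SLUG
    if not plugin_dir.is_dir():
        return None
    for php in sorted(plugin_dir.glob("*.php")):
        v = header_version(php.read_text(encoding="utf-8", errors="replace"))
        if v:
            return v, is_vulnerable(v)
    return None

if __name__ == "__main__":
    v = header_version(SAMPLE_HEADER)
    print(v, "VULNERABLE" if is_vulnerable(v) else "ok")
```

On a real host, pass the site's `wp-content/plugins` path to `check_install`.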
NVD published the first details for CVE-2024-9609
A CVSS base score of 6.1 has been assigned.
Feedly found the first article mentioning CVE-2024-9609.
Feedly estimated the CVSS score as MEDIUM
EPSS Score was set to: 0.05% (Percentile: 21.6%)