Complianz Vulnerability – Authenticated(Administrator+) Stored Cross-site Scripting via settings – CVE-2023-6498 | WordPress Plugin Vulnerability Report
Plugin Name: Complianz
Key Information:
- Software Type: Plugin
- Software Slug: complianz-gdpr
- Software Status: Active
- Software Author: rogierlankhorst
- Software Downloads: 13,636,569
- Active Installs: 800,000
- Last Updated: January 3, 2024
- Patched Versions: 6.5.6
- Affected Versions: <= 6.5.5
Vulnerability Details:
- Name: Complianz | GDPR/CCPA Cookie Consent <= 6.5.5 - Authenticated(Administrator+) Stored Cross-site Scripting via settings
- Title: Authenticated(Administrator+) Stored Cross-site Scripting via settings
- Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE: CVE-2023-6498
- CVSS Score: 4.4 (Medium)
- Publicly Published: January 3, 2024
- Researcher: Webbernaut
- Description: The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 6.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Summary:
The Complianz plugin for WordPress has a vulnerability in versions up to and including 6.5.5 that allows authenticated users with admin permissions to inject arbitrary web scripts via the plugin's settings. This has been patched in version 6.5.6.
Detailed Overview:
A vulnerability has been discovered in the popular Complianz – GDPR/CCPA Cookie Consent plugin that allows authenticated users with administrator-level access to inject malicious scripts into pages via insufficiently sanitized input in the plugin's settings. The vulnerability was discovered by researcher Webbernaut and impacts all versions up to and including 6.5.5. It has been assigned the CVE identifier CVE-2023-6498 with a CVSS severity score of 4.4 (Medium). Successful exploitation requires an attacker to already have admin access, and it only affects multi-site installations and installations with unfiltered_html disabled. The injected scripts will execute whenever a user views an affected page. Complianz has patched this issue in version 6.5.6, so users should update as soon as possible.
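To make the condition in the description concrete (why a flaw of this class only matters where administrators lack the unfiltered_html capability), here is an added example of the sanitize-on-save and escape-on-output pattern for a WordPress plugin option. It is illustrative code written for this page, not Complianz's code; the myplugin_* function names and the myplugin_banner_text option are assumed.

```php
<?php
// Added example, not Complianz's code. Assumes WordPress core is loaded and
// uses a hypothetical option "myplugin_banner_text".

// Vulnerable pattern (illustrative): the raw value is stored and later echoed
// unchanged, so whatever an admin saved runs in every visitor's browser.
function myplugin_save_banner_text_unsafe( $raw ) {
    update_option( 'myplugin_banner_text', $raw );
}
function myplugin_render_banner_text_unsafe() {
    echo '<div class="banner">' . get_option( 'myplugin_banner_text', '' ) . '</div>';
}

// Hardened pattern, step 1: sanitize on save. Users holding unfiltered_html
// may store markup (this is WordPress's own model for post content). Everyone
// else, e.g. site admins on multisite or on installs where the capability
// has been disabled, is limited to the wp_kses_post allow-list, which strips
// <script>, on* event handlers and javascript: URLs.
function myplugin_sanitize_banner_text( $raw ) {
    $value = wp_unslash( (string) $raw );
    if ( current_user_can( 'unfiltered_html' ) ) {
        return $value;
    }
    return wp_kses_post( $value );
}

// Register the option so WordPress runs the sanitizer on every save path
// (options.php, the REST API, WP-CLI), not only the plugin's own form handler.
add_action( 'admin_init', function () {
    register_setting(
        'myplugin_settings',
        'myplugin_banner_text',
        array(
            'type'              => 'string',
            'sanitize_callback' => 'myplugin_sanitize_banner_text',
            'default'           => '',
        )
    );
} );

// Hardened pattern, step 2: escape on output according to context. A value
// placed in an attribute gets esc_attr(); stored HTML that passed wp_kses_post
// on save is re-filtered at render time as defence in depth.
function myplugin_render_banner_text() {
    $text = get_option( 'myplugin_banner_text', '' );
    echo '<div class="banner" data-label="' . esc_attr( wp_strip_all_tags( $text ) ) . '">'
        . wp_kses_post( $text )
        . '</div>';
}
```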
Advice for Users:
- Immediate Action: Update to patched version 6.5.6 or higher immediately.
- Check for Signs of Vulnerability: If you cannot update immediately, review your pages for unauthorized scripts; if you find any, update the plugin right away.
- Alternate Plugins: Consider alternatives like Cookiebot or Cookie Notice as a precaution.
- Stay Updated: Enable automatic updates in WordPress to receive security fixes and new versions when available.
Conclusion:
Complianz's quick response in patching this vulnerability is good to see. All WordPress site owners using vulnerable versions should perform updates as soon as possible to protect their sites and users. Regular plugin updates are crucial for maintaining security.
References:
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/complianz-gdpr
Detailed Report:
Keeping your WordPress website secure is a constant challenge, especially when you don't have time to fully research vulnerabilities and update plugins. Unfortunately, a significant stored cross-site scripting (XSS) vulnerability has been reported in the popular Complianz GDPR cookie consent plugin: in versions 6.5.5 and below, an admin user can add malicious JavaScript to your pages through the plugin's settings. Such a vulnerability could fully compromise your website and poses severe risks such as data theft or having your site blacklisted by search engines.
The plugin is actively installed on over 800,000 WordPress sites, so many site owners are currently exposed. Researcher Webbernaut disclosed the issue on January 3, and it has been assigned the identifier CVE-2023-6498 with a CVSS severity rating of 4.4 (Medium). Successful attacks require existing admin access and work on both single-site and multi-site WordPress installs where unfiltered_html is disabled.
To protect your website, site owners should upgrade Complianz to version 6.5.6 or higher immediately. You can do this by logging into your dashboard and opening the update page. After updating, check for any unauthorized scripts or content that may have been added. Switching to an alternate plugin can also mitigate potential issues. This incident underscores the importance of enabling automatic background updates in WordPress so that crucial security fixes are applied without any effort on your end.
While this vulnerability has now been resolved, it unfortunately joins 15 other issues reported in Complianz over the past year. Plugin vulnerabilities constantly fall through the cracks, and staying on aging versions leaves you perpetually at risk. Services that automatically scan and patch vulnerabilities provide tremendous value for busy site owners without security expertise. Reach out anytime if you need help keeping your website safe!
Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.
Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.
Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.