FooGallery Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting – CVE-2024-2762 | WordPress Plugin Vulnerability Report

Plugin Name: FooGallery

Key Information:

  • Software Type: Plugin
  • Software Slug: foogallery
  • Software Status: Active
  • Software Author: bradvin
  • Software Downloads: 4,941,934
  • Active Installs: 100,000
  • Last Updated: May 23, 2024
  • Patched Versions: 2.4.15
  • Affected Versions: < 2.4.15

Vulnerability Details:

  • Name: FooGallery (Free and Premium) < 2.4.15 - Authenticated (Author+) Stored Cross-Site Scripting
  • Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • CVE: CVE-2024-2762
  • CVSS Score: 6.4 (Medium)
  • Publicly Published: May 23, 2024
  • Researcher: Dmitrii Ignatyev
  • Description: The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom Gallery Class parameter in all versions up to 2.4.15 (exclusive) due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Summary:

The FooGallery plugin for WordPress has a vulnerability in versions up to and including 2.4.14 that allows authenticated attackers with author access and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability has been patched in version 2.4.15.

Detailed Overview:

Dmitrii Ignatyev discovered a stored cross-site scripting (XSS) vulnerability in the FooGallery plugin for WordPress. The vulnerability exists in the Custom Gallery Class parameter and is due to insufficient input sanitization and output escaping. This allows authenticated attackers with author-level access and above to inject malicious scripts that will execute whenever a user accesses a compromised page. Successful exploitation of this vulnerability could allow attackers to steal sensitive information, perform unauthorized actions, or deface the website. The vulnerability was patched by the plugin developers in version 2.4.15.

Advice for Users:

  1. Immediate Action: Update the FooGallery plugin to version 2.4.15 or later immediately.
  2. Check for Signs of Vulnerability: Review your website for any suspicious content or unexpected behavior that may indicate a compromised page.
  3. Alternate Plugins: While a patch is available, users might still consider plugins that offer similar functionality as a precaution.
  4. Stay Updated: Always ensure that your plugins are updated to the latest versions to avoid vulnerabilities.

The prompt response from the plugin developers to patch this vulnerability underscores the importance of timely updates. Users are advised to ensure that they are running version 2.4.15 or later to secure their WordPress installations.

References:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/foogallery

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/foogallery/foogallery-free-and-premium-2415-authenticated-author-stored-cross-site-scripting

Detailed Report:

Attention all WordPress website owners and administrators! A critical security vulnerability has been discovered in the popular FooGallery plugin, potentially putting thousands of websites at risk. If you are using FooGallery and haven't updated to the latest patched version, your site could be vulnerable to a stored cross-site scripting (XSS) attack.

About FooGallery

FooGallery is a widely-used WordPress plugin that allows users to create beautiful, responsive galleries on their websites. With over 4.9 million downloads and 100,000 active installations, it is a popular choice for many website owners.

The Vulnerability

The FooGallery plugin, in versions up to and including 2.4.14, contains a stored cross-site scripting (XSS) vulnerability. Identified as CVE-2024-2762, this vulnerability was discovered by researcher Dmitrii Ignatyev. It exists in the Custom Gallery Class parameter and is due to insufficient input sanitization and output escaping.

Risks and Potential Impacts

This vulnerability allows authenticated attackers with author-level access and above to inject malicious scripts into your website. Once injected, these scripts can execute whenever a user visits the compromised page, potentially leading to stolen sensitive information, unauthorized actions, or even website defacement. Successful exploitation of this vulnerability could have serious consequences for your website and your users.

How to Fix the Vulnerability

To mitigate the risk posed by this vulnerability, it is crucial to update the FooGallery plugin to version 2.4.15 or later immediately. This version includes a patch that addresses the stored XSS vulnerability. In addition to updating, it is also recommended to review your website for any suspicious content or unexpected behavior that may indicate a compromised page.

Previous Vulnerabilities

It is worth noting that this is not the first vulnerability discovered in the FooGallery plugin. Since February 2019, there have been 13 previous vulnerabilities identified. This highlights the importance of regularly updating your plugins and staying informed about potential security risks.

The Importance of Staying Updated

As a small business owner, it can be challenging to find the time to stay on top of website security. However, the consequences of a compromised website can be severe, including loss of customer trust, financial losses, and damage to your brand's reputation. By prioritizing regular updates and partnering with a trusted web security professional, you can ensure that your WordPress site remains secure and protected against the latest threats.

If you are concerned about the security of your WordPress website or need assistance in updating your plugins, don't hesitate to reach out to a professional. They can help you navigate the complex world of website security and provide you with the peace of mind you need to focus on running your business.

Security vulnerabilities like this one demonstrate the importance of having WordPress experts regularly monitor, maintain and update your site. At Your WP Guy, we offer ongoing management to handle updates, security monitoring, backups, uptime and support so you can stop worrying and get back to growing your business.

Let us fully audit your site to check for any signs of this vulnerability or other issues. We'll immediately update any out-of-date plugins and harden your site's security. Chat with us anytime during business hours, schedule a call or call 678-995-5169 to lock down your online presence.

FooGallery Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting – CVE-2024-2762 | WordPress Plugin Vulnerability Report FAQs

Leave a Comment