Master Slider – Responsive Touch Slider Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6382 | WordPress Plugin Vulnerability Report
Plugin Name: Master Slider – Responsive Touch Slider
Key Information:
- Software Type: Plugin
- Software Slug: master-slider
- Software Status: Active
- Software Author: averta
- Software Downloads: 2,830,772
- Active Installs: 90,000
- Last Updated: June 12, 2024
- Patched Versions: 3.9.10
- Affected Versions: <= 3.9.9
Vulnerability Details:
- Name: Master Slider - Responsive Touch Slider <= 3.9.9
- Title: Authenticated (Contributor+) Stored Cross-Site Scripting
- Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
- CVE: CVE-2023-6382
- CVSS Score: 6.4
- Publicly Published: March 31, 2024
- Researcher: Rafshanzani Suhada
- Description: The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_slide' shortcode in all versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on the user-supplied 'css_class' attribute. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts into pages that will execute whenever a user accesses an injected page.
Summary:
The Master Slider – Responsive Touch Slider plugin for WordPress has a vulnerability in versions up to and including 3.9.9 that allows authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts via the plugin's 'ms_slide' shortcode. This vulnerability has been patched in version 3.9.10.
Detailed Overview:
The vulnerability lies in the 'ms_slide' shortcode of the Master Slider – Responsive Touch Slider plugin, where insufficient input sanitization and output escaping on the user-supplied 'css_class' attribute create a loophole for attackers. Authenticated attackers with contributor-level and above permissions can exploit this vulnerability to inject malicious scripts into pages, posing risks such as unauthorized data access and potential website defacement. To remediate the vulnerability, users are strongly advised to update the plugin to version 3.9.10 or later.
Advice for Users:
Immediate Action: Update the Master Slider – Responsive Touch Slider plugin to version 3.9.10 or later to mitigate the risk of exploitation. Check for Signs of Vulnerability: Monitor your website for any unusual behavior, such as unexpected pop-ups or redirects, which may indicate compromise. Alternate Plugins: While a patch is available, users might still consider alternative slider plugins that offer similar functionality as a precautionary measure until the vulnerability is patched. Stay Updated: Always ensure that your plugins are updated to the latest versions to avoid vulnerabilities and maintain the security of your WordPress website.
Conclusion:
The prompt response from the plugin developers in releasing version 3.9.10 underscores the importance of timely updates in maintaining the security of WordPress installations. Users are advised to ensure that they are running version 3.9.10 or later to secure their WordPress installations against the vulnerability identified in CVE-2023-6382.