Starter Templates Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4630 | WordPress Plugin Vulnerability Report

Plugin Name: Starter Templates

Key Information:

  • Software Type: Plugin
  • Software Slug: astra-sites
  • Software Status: Active
  • Software Author: brainstormforce
  • Software Downloads: 57,202,843
  • Active Installs: 1,000,000
  • Last Updated: May 10, 2024
  • Patched Versions: 4.2.2
  • Affected Versions: <= 4.2.1

Vulnerability Details:

  • Name: Starter Templates — Elementor, WordPress & Beaver Builder Templates <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
  • Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • CVE: CVE-2024-4630
  • CVSS Score: 6.4 (Medium)
  • Publicly Published: May 10, 2024
  • Researcher: wesley (wcraft)
  • Description: The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_upload_mimes' function in versions up to, and including, 4.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Summary:

The Starter Templates for WordPress has a vulnerability in versions up to and including 4.2.1 that allows authenticated attackers with contributor-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability has been patched in version 4.2.2.

Detailed Overview:

The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_upload_mimes' function in versions up to, and including, 4.2.0 due to insufficient input sanitization and output escaping. This vulnerability was discovered by security researcher wesley (wcraft) and publicly disclosed on May 10, 2024. It allows authenticated attackers with contributor-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, potentially leading to sensitive information disclosure, session hijacking, or other malicious activities.

Advice for Users:

  1. Immediate Action: Users are strongly encouraged to update the Starter Templates plugin to version 4.2.2 or later to protect their WordPress installations from this vulnerability.
  2. Check for Signs of Vulnerability: Review your WordPress pages for any suspicious scripts or unauthorized modifications that may indicate a potential exploitation of this vulnerability.
  3. Alternate Plugins: While a patch is available, users might still consider plugins that offer similar functionality as a precaution.
  4. Stay Updated: Always ensure that your plugins are updated to the latest versions to avoid vulnerabilities.

The prompt response from the plugin developers to patch this vulnerability underscores the importance of timely updates. Users are advised to ensure that they are running version 4.2.2 or later to secure their WordPress installations.

References:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/astra-sites

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/astra-sites/starter-templates-elementor-wordpress-beaver-builder-templates-421-authenticated-contributor-stored-cross-site-scripting

Detailed Report:

As a website owner, keeping your WordPress site secure should always be a top priority. With the ever-evolving landscape of online threats, staying vigilant and keeping your plugins up to date is crucial to maintain the integrity of your site and protect your users' sensitive information.

Recently, a significant vulnerability was discovered in the popular Starter Templates plugin for WordPress, affecting versions up to and including 4.2.1. This vulnerability, identified as CVE-2024-4630, allows authenticated attackers with contributor-level permissions and above to inject malicious scripts into your website's pages, potentially leading to sensitive information disclosure, session hijacking, and other harmful activities.

About the Starter Templates Plugin

Starter Templates is a popular WordPress plugin that provides users with a wide range of pre-designed templates for Elementor, WordPress, and Beaver Builder. With over 1 million active installations and more than 57 million downloads, this plugin is widely used by website owners to quickly create professional-looking pages.

The Vulnerability: CVE-2024-4630

The vulnerability, discovered by security researcher wesley (wcraft), is classified as an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). It was found in the 'custom_upload_mimes' function of the plugin, which lacks sufficient input sanitization and output escaping. Attackers with contributor-level permissions or higher can exploit this vulnerability to inject arbitrary web scripts into pages, which will execute whenever a user accesses an affected page.

Risks and Potential Impacts

Exploiting this vulnerability can lead to various malicious activities, such as:

  1. Sensitive information disclosure: Attackers may steal users' personal data, login credentials, or other confidential information.
  2. Session hijacking: Attackers can gain unauthorized access to user sessions, allowing them to perform actions on behalf of the victim.
  3. Malware distribution: Injected scripts can redirect users to malicious websites or trick them into downloading malware.
  4. Reputation damage: If your website is compromised, it can harm your brand's reputation and erode user trust.

How to Fix the Vulnerability

To protect your website from this vulnerability, follow these steps:

  1. Update the Starter Templates plugin to version 4.2.2 or later, which includes a patch for this vulnerability.
  2. Review your WordPress pages for any suspicious scripts or unauthorized modifications that may indicate a potential exploitation of this vulnerability.
  3. Consider using alternative plugins that offer similar functionality as a precaution.
  4. Regularly update all your WordPress plugins to ensure you have the latest security patches and bug fixes.

Previous Vulnerabilities

It is worth noting that the Starter Templates plugin has had five previous vulnerabilities since October 2021. This highlights the importance of staying informed about the plugins you use and maintaining a proactive approach to website security.

The Importance of Staying on Top of Security Vulnerabilities

As a small business owner, managing website security can be challenging, especially when you have limited time and resources. However, neglecting security vulnerabilities can have severe consequences for your business, including data breaches, financial losses, and damage to your reputation.

By staying informed about the latest security threats and taking prompt action to address them, you can minimize the risks to your website and protect your users' data. Consider partnering with a reliable website security service provider who can help you monitor your site for vulnerabilities, apply updates, and implement best practices for website security.

Remember, investing in website security is not just about protecting your business; it's also about maintaining the trust of your customers and ensuring the long-term success of your online presence.

As a business owner, you don't have time to constantly monitor for WordPress vulnerabilities like this. At Your WP Guy, we become your outsourced IT team to handle security, updates, maintenance and support. Let us fully audit your site and plugins to assess any impact from this issue. We'll update everything to patched versions so you can rest easy knowing your site is locked down.

Focus on your business goals while we focus on your WordPress site's security. Chat with us anytime during business hours, schedule a call or call 678-995-5169 for a free consultation on securing your online presence.

Starter Templates Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4630 | WordPress Plugin Vulnerability Report FAQs

Leave a Comment