YARPP Vulnerability – Authenticated(Administrator+) Stored Cross-Site Scripting via settings – CVE-2024-0602 | WordPress Plugin Vulnerability Report

Plugin Name: YARPP

Key Information:

  • Software Type: Plugin
  • Software Slug: yet-another-related-posts-plugin
  • Software Status: Active
  • Software Author: jeffparker
  • Software Downloads: 7,579,644
  • Active Installs: 100,000
  • Last Updated: February 20, 2024
  • Patched Versions: 5.30.10
  • Affected Versions: 5.30.9

Vulnerability Details:

  • Name: Yet Another Related Posts Plugin (YARPP) <= 5.30.9 - Authenticated(Administrator+) Stored Cross-Site Scripting via settings
  • Title: Authenticated(Administrator+) Stored Cross-Site Scripting via settings
  • Type: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
  • CVE: CVE-2024-0602
  • CVSS Score: 4.4 (Medium)
  • Publicly Published: February 20, 2024
  • Researcher: Akbar Kustirama
  • Description: The YARPP – Yet Another Related Posts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.30.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

Summary:

The YARPP plugin for WordPress has a vulnerability in versions up to and including 5.30.9 that allows authenticated users with admin permissions to inject malicious scripts. This cross-site scripting vulnerability has been patched in version 5.30.10.

Detailed Overview:

Researcher Akbar Kustirama discovered a stored cross-site scripting vulnerability in the YARPP WordPress plugin affecting versions up to and including 5.30.9. The vulnerability allows authenticated users with admin permissions to inject arbitrary web scripts due to insufficient sanitization of user input. When stored scripts are executed, they grant the attacker elevated privileges to extract sensitive information or perform malicious actions. This vulnerability has been assigned CVE identifier CVE-2024-0602 and a CVSS severity score of 4.4 (Medium). The developer has released YARPP version 5.30.10 to address this vulnerability by properly sanitizing input. All users are urged to update immediately.

Advice for Users:

  1. Immediate Action: Update to the latest patched release, YARPP 5.30.10, as soon as possible.
  2. Check for Signs of Vulnerability: Review your site for any unauthorized injected scripts. Also check for unauthorized admin users.
  3. Alternate Plugins: Consider alternate related posts plugins like Contextual Related Posts as a precaution.
  4. Stay Updated: Enable automatic updates in WordPress to receive timely security fixes.

Conclusion:

The timely patch for this stored XSS vulnerability in YARPP underscores the critical importance of staying updated. Users should install version 5.30.10 immediately to protect their sites. As always, enabling automatic updates is the best way to ensure you have the latest security fixes.

References:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/yet-another-related-posts-plugin

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/yet-another-related-posts-plugin/yet-another-related-posts-plugin-yarpp-5309-authenticatedadministrator-stored-cross-site-scripting-via-settings

Detailed Report:

Keeping your WordPress website secure should be a top priority – after all, you don't want your hard work compromised. Unfortunately, the latest security vulnerability in the popular YARPP plugin serves as an urgent reminder that outdated plugins pose a severe risk. In this post, we’ll cover everything you need to know to lock down your site.

YARPP, or Yet Another Related Posts Plugin, is a widely used WordPress plugin with over 7 million downloads. It helps site owners increase user engagement by displaying related posts. This useful plugin powers over 100,000 active sites, but versions up to and including 5.30.9 contain a serious stored cross-site scripting (XSS) vulnerability.

Researcher Akbar Kustirama discovered that the vulnerability stems from insufficient sanitization of user-supplied input. By injecting malicious scripts into settings pages, an attacker with admin privileges can execute code when pages load. This grants elevated access to take over accounts, extract sensitive data, or deface sites.

YARPP sites running any version prior to 5.30.10 are exposed. To remediate, a security update is available and should be installed immediately. You can update manually in the WordPress dashboard or enable automatic background updates for hassle-free security. Review your plugin list and settings for any unauthorized changes just in case.

This is the 6th vulnerability found in YARPP since May 2015. The regularity of flaws uncovered in popular plugins is a sobering reminder of the importance of vigilant security hygiene – something busy small business owners may be tempted to neglect when juggling other priorities. However, staying on top of updates is truly essential to avoid leaving doors open for attacks.

By raising awareness and encouraging prompt patching, the YARPP developers have done their part to protect users. Do yours by updating or enabling automated background updates. Making site security a habit will pay off when the next inevitable vulnerability emerges in a popular plugin. Regular upkeep is essential as plugins like YARPP have become common gateways for attacks, but with the right focus they don’t have to become liabilities.

Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.

Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.

Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.

YARPP Vulnerability – Authenticated(Administrator+) Stored Cross-Site Scripting via settings – CVE-2024-0602 | WordPress Plugin Vulnerability Report FAQs

Leave a Comment