CVE-2024-5020

Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library

Severity Score

6.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Varios complementos para WordPress son vulnerables a Cross-Site Scripting almacenado a través de la librería de JavaScript FancyBox incluida en el complemento (versiones 1.3.4 a 3.5.7) en varias versiones debido a una desinfección de entrada y al escape de salida insuficiente en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.

*Credits: Craig Smith

CVSS Scores

Wordfencev3.1 6.4

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-16 CVE Reserved
2024-12-03 CVE Published
2024-12-04 CVE Updated
2024-12-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (14)

URL	Tag	Source
https://plugins.trac.wordpress.org/changeset/3150376/woo-smart-quick-view
https://plugins.trac.wordpress.org/changeset/3153081/colibri-page-builder
https://plugins.trac.wordpress.org/changeset/3156791/form-maker
https://plugins.trac.wordpress.org/changeset/3157076/nextgen-gallery
https://plugins.trac.wordpress.org/changeset/3158415/envira-gallery-lite
https://plugins.trac.wordpress.org/changeset/3160232/easy-fancybox
https://plugins.trac.wordpress.org/changeset/3160432/visual-portfolio
https://plugins.trac.wordpress.org/changeset/3161422/fv-wordpress-flowplayer
https://plugins.trac.wordpress.org/changeset/3161892/wp-carousel-free
https://plugins.trac.wordpress.org/changeset/3169926/accordion-slider
https://plugins.trac.wordpress.org/changeset/3173097/responsive-lightbox
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3175577%40getwid%2Ftrunk&old=3119180%40getwid%2Ftrunk&sfp_email=&sfph_mail=
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3186301%40fancybox-for-wordpress%2Ftrunk&old=3058912%40fancybox-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/d99d4b9a-aa09-434d-91a8-7afaa0e8b5db?source=cve

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Extendthemes Search vendor "Extendthemes"		Colibri Page Builder Search vendor "Extendthemes" for product "Colibri Page Builder"				<= 1.0.286 Search vendor "Extendthemes" for product "Colibri Page Builder" and version " <= 1.0.286"		en		Affected
Smub Search vendor "Smub"		Gallery Plugin For WordPress – Envira Photo Gallery Search vendor "Smub" for product "Gallery Plugin For WordPress – Envira Photo Gallery"				<= 1.8.15 Search vendor "Smub" for product "Gallery Plugin For WordPress – Envira Photo Gallery" and version " <= 1.8.15"		en		Affected
Bqworks Search vendor "Bqworks"		Accordion Slider Search vendor "Bqworks" for product "Accordion Slider"				<= 1.9.12 Search vendor "Bqworks" for product "Accordion Slider" and version " <= 1.9.12"		en		Affected
10web Search vendor "10web"		Form Maker Search vendor "10web" for product "Form Maker"				<= 1.15.27 Search vendor "10web" for product "Form Maker" and version " <= 1.15.27"		en		Affected
Jetmonsters Search vendor "Jetmonsters"		Getwid – Gutenberg Blocks Search vendor "Jetmonsters" for product "Getwid – Gutenberg Blocks"				<= 2.0.11 Search vendor "Jetmonsters" for product "Getwid – Gutenberg Blocks" and version " <= 2.0.11"		en		Affected
Firelightwp Search vendor "Firelightwp"		Firelight Lightbox Search vendor "Firelightwp" for product "Firelight Lightbox"				<= 2.3.3 Search vendor "Firelightwp" for product "Firelight Lightbox" and version " <= 2.3.3"		en		Affected
Dfactory Search vendor "Dfactory"		Responsive Lightbox & Gallery Search vendor "Dfactory" for product "Responsive Lightbox & Gallery"				<= 2.4.8 Search vendor "Dfactory" for product "Responsive Lightbox & Gallery" and version " <= 2.4.8"		en		Affected
Shapedplugin Search vendor "Shapedplugin"		Carousel, Slider, Gallery Search vendor "Shapedplugin" for product "Carousel, Slider, Gallery"				<= 2.6.8 Search vendor "Shapedplugin" for product "Carousel, Slider, Gallery" and version " <= 2.6.8"		en		Affected
Colorlibplugins Search vendor "Colorlibplugins"		FancyBox For WordPress Search vendor "Colorlibplugins" for product "FancyBox For WordPress"				<= 3.3.4 Search vendor "Colorlibplugins" for product "FancyBox For WordPress" and version " <= 3.3.4"		en		Affected
Nko Search vendor "Nko"		Visual Portfolio, Photo Gallery & Post Grid Search vendor "Nko" for product "Visual Portfolio, Photo Gallery & Post Grid"				<= 3.3.9 Search vendor "Nko" for product "Visual Portfolio, Photo Gallery & Post Grid" and version " <= 3.3.9"		en		Affected
Smub Search vendor "Smub"		Photo Gallery, Sliders, Proofing And Themes – NextGEN Gallery Search vendor "Smub" for product "Photo Gallery, Sliders, Proofing And Themes – NextGEN Gallery"				<= 3.59.4 Search vendor "Smub" for product "Photo Gallery, Sliders, Proofing And Themes – NextGEN Gallery" and version " <= 3.59.4"		en		Affected
Wpclever Search vendor "Wpclever"		WPC Smart Quick View For WooCommerce Search vendor "Wpclever" for product "WPC Smart Quick View For WooCommerce"				<= 4.1.1 Search vendor "Wpclever" for product "WPC Smart Quick View For WooCommerce" and version " <= 4.1.1"		en		Affected
Easy Social Feed Search vendor "Easy Social Feed"		Easy Social Feed Premium Search vendor "Easy Social Feed" for product "Easy Social Feed Premium"				<= 6.6.2 Search vendor "Easy Social Feed" for product "Easy Social Feed Premium" and version " <= 6.6.2"		en		Affected
Foliovision Search vendor "Foliovision"		FV Flowplayer Video Player Search vendor "Foliovision" for product "FV Flowplayer Video Player"				<= 7.5.47.7212 Search vendor "Foliovision" for product "FV Flowplayer Video Player" and version " <= 7.5.47.7212"		en		Affected