A preferred WordPress plugin for privateness compliance with over 800,000 installations just lately patched a saved XSS vulnerability that might permit an attacker to add malicious scripts for launching assaults towards website guests.
Complianz | GDPR/CCPA Cookie Consent WordPress Plugin
The Complianz plugin for WordPress is a robust software that helps web site homeowners adjust to privateness rules such because the Normal Knowledge Safety Regulation (GDPR) and the California Shopper Privateness Act (CCPA).
The plugin manages a number of sides of consumer privateness together with blocking third-party cookies, managing cookie consent (together with per subregion), and managing a number of features associated to cookie banners.
It’s versatility and usefulness could account for the recognition of the software which at the moment has over 800,000 installations.
Complianz Plugin Saved XSS Vulnerability
The Complianz WordPress plugin was found to have a saved XSS vulnerability which is a sort of vulnerability that permits a consumer to add a malicious script on to the web site server. Not like a mirrored XSS that requires a web site consumer to click on a hyperlink, a saved XSS entails a malicious script saved and served from the goal web site’s server.
The vulnerability is within the Complianz admin settings which is within the type of an absence of two safety capabilities.
1. Enter Sanitization
The plugin lacked enough enter sanitization and output escaping. Enter sanitization is a regular course of for checking what’s enter into a web site, like right into a kind area, to make it possible for what’s enter is what’s anticipated, like a textual content enter versus a script add.
The official WordPress developer information describes knowledge sanitization as:
“Sanitizing enter is the method of securing/cleansing/filtering enter knowledge. Validation is most popular over sanitization as a result of validation is extra particular. However when “extra particular” isn’t doable, sanitization is the subsequent smartest thing.”
2. Escaping Output
The plugin lacked Output Escaping which is a safety course of that removes undesirable knowledge earlier than it will get rendered for a consumer.
How Critical Is The Vulnerability?
The vulnerability requires the attacker to acquire admin permission ranges and better with a purpose to execute the assault. That could be the explanation why this vulnerability is scored 4.4 out of 10, with ten representing the best stage of vulnerability.
The vulnerability solely impacts particular sorts of installations, too.
Based on Wordfence:
“This makes it doable for authenticated attackers, with administrator-level permissions and above, to inject arbitrary internet scripts in pages that can execute at any time when a consumer accesses an injected web page.
This solely impacts multi-site installations and installations the place unfiltered_html has been disabled.”
Replace To Newest Model
The vulnerability impacts Complianz variations equal to or lower than model 6.5.5. Customers are inspired to replace to model 6.5.6 or increased.
Learn the Wordfence advisory concerning the vulnerability: