CVE-2022-44736 Auth

CVE-2022-44736 Auth

This POC code is available in Chameleon source code. This XSS vulnerability is due to lack of input validation on certain parameters. An attacker can inject malicious code in the website and get access to administrator account via this XSS. Plugins like Jetpack, Contact Form 7, and Google Analytics are widely used. If you use any of these plugins on your website, then it is recommended to upgrade them as soon as possible. Stored XSS vulnerability in Chameleon plugin.

Chameleon Stored XSS Vulnerability

The vulnerability lies in the stored XSS vulnerability in Chameleon plugin. This vulnerability is caused due to lack of input validation on certain parameters by a user. An attacker can inject malicious code in the website and get access to administrator account via this XSS. The following are some of the impacts of this vulnerability:
- A hacker can use this vulnerability to gain administrator privileges on an affected website for themselves or for others
- User data could be stolen as well
- Account information may also be exposed to hackers if not secured properly
- Malicious actors could exploit vulnerabilities on websites that use this plugin

Chameleon Stored XSS Vulnerability

Chameleon is a very popular WordPress plugin that is widely used. The plugin has many security vulnerabilities and this XSS vulnerability is one of them. This vulnerability can be exploited by an attacker to inject malicious code in the website and get access to administrator account via this XSS.
The affected parameter of the POC code:
$post = $this->get_post();
$requested_id = 0;

If an attacker sends a request with the following parameter:
"action=edit&post_id=$requested_id"
then the vulnerable code will execute. So, it is recommended to upgrade your Chameleon plugin as soon as possible.
Another important point is that Chameleon plugin supports Jetpack and Contact Form 7 plugins, so if you are using any of these two plugins on your website, then it's recommend that you upgrade them too.

Chameleon – Stored XSS vulnerability

Chameleon is an open source framework that integrates with WordPress to speed up and simplify web development tasks. One of the many plugins used by Chameleon is Contact Form 7.
In this blog post, I will be discussing a stored cross-site scripting (XSS) vulnerability found in the Chameleon plugin when using Contact Form 7.

Stored XSS in Chameleon plugin

Chameleon plugin is used by many websites. So, it is highly likely that your website has a stored XSS vulnerability in Chameleon plugin.
This POC code can be used to execute a stored XSS attack in the website.

A demonstration of how a user can exploit this vulnerability:

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe