A preferred WordPress plugin for privateness compliance with over 800,000 installations just lately patched a saved XSS vulnerability that might enable an attacker to add malicious scripts for launching assaults in opposition to web site guests.
Complianz | GDPR/CCPA Cookie Consent WordPress Plugin
The Complianz plugin for WordPress is a strong software that helps web site homeowners adjust to privateness laws such because the Common Information Safety Regulation (GDPR) and the California Client Privateness Act (CCPA).
The plugin manages a number of aspects of consumer privateness together with blocking third-party cookies, managing cookie consent (together with per subregion), and managing a number of points associated to cookie banners.
It’s versatility and usefulness could account for the recognition of the software which at the moment has over 800,000 installations.
Complianz Plugin Saved XSS Vulnerability
The Complianz WordPress plugin was found to have a saved XSS vulnerability which is a sort of vulnerability that permits a consumer to add a malicious script on to the web site server. Not like a mirrored XSS that requires an internet site consumer to click on a hyperlink, a saved XSS entails a malicious script saved and served from the goal web site’s server.
The vulnerability is within the Complianz admin settings which is within the type of a scarcity of two safety features.
1. Enter Sanitization
The plugin lacked ample enter sanitization and output escaping. Enter sanitization is an ordinary course of for checking what’s enter into an internet site, like right into a kind subject, to guarantee that what’s enter is what’s anticipated, like a textual content enter versus a script add.
The official WordPress developer guide describes data sanitization as:
“Sanitizing enter is the method of securing/cleansing/filtering enter information. Validation is most well-liked over sanitization as a result of validation is extra particular. However when “extra particular” isn’t doable, sanitization is the subsequent smartest thing.”
2. Escaping Output
The plugin lacked Output Escaping which is a safety course of that removes undesirable information earlier than it will get rendered for a consumer.
How Severe Is The Vulnerability?
The vulnerability requires the attacker to acquire admin permission ranges and better as a way to execute the assault. Which may be the rationale why this vulnerability is scored 4.4 out of 10, with ten representing the best degree of vulnerability.
The vulnerability solely impacts particular sorts of installations, too.
In line with Wordfence:
“This makes it doable for authenticated attackers, with administrator-level permissions and above, to inject arbitrary internet scripts in pages that can execute every time a consumer accesses an injected web page.
This solely impacts multi-site installations and installations the place unfiltered_html has been disabled.”
Replace To Newest Model
The vulnerability impacts Complianz variations equal to or lower than model 6.5.5. Customers are inspired to replace to model 6.5.6 or increased.
Learn the Wordfence advisory concerning the vulnerability: