Can you explain this vulnerability to me?

The vulnerability exists in the wpDataTables WordPress plugin, specifically in all versions up to and including 6.5.0.4. It is a Stored Cross-Site Scripting (XSS) issue caused by insufficient input sanitization and output escaping in the prepareCellOutput() method of certain classes (LinkWDTColumn, ImageWDTColumn, and EmailWDTColumn).

This flaw allows unauthenticated attackers to inject arbitrary web scripts into pages. These scripts execute whenever a user accesses the injected page, but only if an attacker can trick an Administrator into importing data from an attacker-controlled source and the affected column types (Link, Image, or Email) are configured.

Useful 0 Not Useful 0

How can this vulnerability impact me? :

This vulnerability can lead to the execution of malicious scripts in the context of the affected website. An attacker could exploit this to perform actions such as stealing sensitive information, hijacking user sessions, or defacing the website.

Since the attack requires tricking an Administrator into importing malicious data, the impact depends on social engineering success and the configuration of specific column types in the plugin.

The CVSS score of 4.7 indicates a medium severity, with network attack vector, high attack complexity, no privileges required, and user interaction required, affecting confidentiality and integrity but not availability.

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should update the wpDataTables plugin to a version later than 6.5.0.4 where the issue is fixed.

Additionally, avoid importing data from untrusted or attacker-controlled sources, especially if the affected column types (Link, Image, or Email) are configured.

Ensure that only trusted administrators have the ability to import data into the plugin.

Useful 0 Not Useful 0