WordPress Plugins Stored Cross-Site Scripting Vulnerability via Bundled Magnific Popups Library

A stored cross-site scripting vulnerability has been identified in multiple WordPress plugins that utilize the Magnific Popups library, version 1.1.0. This vulnerability arises from inadequate input sanitization and output escaping of user-supplied attributes, allowing authenticated attackers with contributor-level access or higher to inject arbitrary scripts. The injected scripts are executed when a user accesses the affected page.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the page.

Reproduction

To reproduce this vulnerability, an authenticated user with contributor-level access or higher can inject scripts through user-supplied attributes that are not properly sanitized or escaped. Once injected, these scripts will be executed when the page is viewed by any user.

Remediation

Users can update to Magnific Popups version 1.2.0, which disables the loading of HTML in certain fields by default. WordPress plugin developers should ensure proper input sanitization and output escaping to prevent similar vulnerabilities.