Gutenverse Form WordPress Plugin Stored Cross-Site Scripting Vulnerability via SVG Upload
Vulnerability
A stored cross-site scripting vulnerability has been identified in the Gutenverse Form plugin for WordPress, affecting all versions through 2.3.2. The issue arises because the plugin's framework component adds SVG files to the allowed MIME types without proper sanitization. This flaw enables authenticated attackers with Author-level access or higher to upload SVG files containing malicious JavaScript. The injected script executes when the file is viewed, allowing for arbitrary JavaScript execution in the browsers of affected users.
Impact
Exploitation of this vulnerability allows for stored cross-site scripting, where uploaded SVG files can execute malicious JavaScript when viewed, potentially leading to harmful actions such as stealing cookies or session information.
Reproduction
To reproduce this vulnerability, an authenticated user with Author-level access or higher can upload an SVG file through the Gutenverse Form plugin. The uploaded file should contain malicious JavaScript, which will execute when the SVG is viewed, demonstrating the cross-site scripting vulnerability.
Remediation
Users are advised to update the Gutenverse Form plugin to version 2.4.0 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.