GreenShift - Animation and Page Builder Blocks
cpe:2.3:a:greenshiftwp:greenshift_-_animation_and_page_builder_blocks:*:*:*:*:wordpress:*:*
- <= 12.8.9
A stored cross-site scripting vulnerability has been identified in the GreenShift Animation and Page Builder Blocks plugin for WordPress, affecting versions through 12.8.9. The issue arises from inadequate input sanitization and output escaping in the 'gspb_greenShift_block_script_assets' function. This function processes image blocks by adding a 'fetchpriority' attribute, but the method used to insert this attribute creates an opportunity for injection. Authenticated attackers with contributor-level access can exploit this vulnerability to inject malicious scripts that are executed when the affected page is viewed.
Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the page.
To reproduce this vulnerability, an authenticated user with contributor-level access can create or edit a page using the GreenShift Animation and Page Builder Blocks plugin. By adding an image block and enabling the 'disablelazy' attribute, the user can inject a script by manipulating the 'src' attribute. Once the page is saved and viewed, the injected script will execute, demonstrating the cross-site scripting vulnerability.
Users are advised to update the GreenShift Animation and Page Builder Blocks plugin to version 12.9.0 or later, where this vulnerability has been patched.
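After updating, content saved while an affected version was installed can still be reviewed. The following is an added example, not code from the plugin or the advisory: a triage heuristic that scans exported `post_content` for blocks that enable 'disablelazy' and carry quote or angle-bracket characters in a 'src' value. It assumes both attributes are stored in the block's comment JSON; the block name and URLs in the sample are constructed placeholders.

```python
import json
import re

# Gutenberg serialises a block as <!-- wp:name {json attributes} --> in post_content.
BLOCK_OPEN = re.compile(r"<!--\s+wp:([a-z0-9-]+(?:/[a-z0-9-]+)?)\s+(\{.*?\})\s+/?-->", re.S)
# Characters that do not belong in an image URL and can end an HTML attribute or tag.
MARKUP_CHARS = re.compile(r"[\"'<>]")

def iter_strings(value, path=""):
    """Yield (path, string) for every string nested in a decoded attribute object."""
    if isinstance(value, str):
        yield path, value
    elif isinstance(value, dict):
        for key, item in value.items():
            yield from iter_strings(item, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for index, item in enumerate(value):
            yield from iter_strings(item, f"{path}[{index}]")

def audit_post(post_id, post_content):
    """Flag blocks that enable 'disablelazy' and carry markup characters in a 'src' value."""
    findings = []
    for match in BLOCK_OPEN.finditer(post_content):
        try:
            attrs = json.loads(match.group(2))
        except json.JSONDecodeError:
            continue  # malformed attribute object, nothing to inspect
        if not isinstance(attrs, dict) or not attrs.get("disablelazy"):
            continue
        for path, text in iter_strings(attrs):
            if path.split(".")[-1] == "src" and MARKUP_CHARS.search(text):
                findings.append({"post": post_id, "block": match.group(1),
                                 "attribute": path, "value": text})
    return findings

# Constructed sample: block name and URLs are placeholders, not taken from the plugin.
SAMPLE = r'''
<!-- wp:example/image {"disablelazy":true,"src":"https://example.test/a.png"} -->
<img src="https://example.test/a.png"/>
<!-- /wp:example/image -->
<!-- wp:example/image {"disablelazy":true,"src":"https://example.test/b.png\u0022constructed"} -->
<img src="https://example.test/b.png"/>
<!-- /wp:example/image -->
'''

if __name__ == "__main__":
    for finding in audit_post(101, SAMPLE):
        print(finding)
```

A hit is a lead for manual review of that post and its author, not proof of injection; a clean result does not rule out content stored in another form.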