Optimole WordPress Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the Optimole WordPress plugin, specifically in versions through 4.2.3. The issue arises from inadequate output escaping of user-supplied URL paths in the 'get_current_url()' function. These paths are inserted into JavaScript code via 'str_replace()' without proper escaping for JavaScript context in the 'replace_content()' function. This vulnerability allows unauthenticated attackers to inject arbitrary web scripts into pages, which could be executed if the victim is tricked into clicking a link.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Reproduction

To reproduce this vulnerability, send a request to a page that uses the 'Optimole' plugin with a URL parameter that includes the injected script. The 'get_current_url()' function will process the URL without proper escaping, allowing the script to be executed in the user's browser.

Remediation

Users are advised to update the Optimole WordPress plugin to version 4.2.4 or later, where this vulnerability has been patched.