Plugin Vulnerability Could Lead to Stored XSS Attacks
CVE-2023-6000

6.1MEDIUM

Key Information:

Vendor
Wordpress
Status
Popup Builder
Vendor
CVE Published:
1 January 2024

Badges

πŸ’° RansomwareπŸ‘Ύ Exploit Exists🟑 Public PoCπŸ“° News Worthy

Summary

The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.

Affected Version(s)

Popup Builder 0 < 4.2.3

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-6000 - Proof of Concept

CVE-2023-6000
Created by rxerium

News Articles

favicon imageThe Hacker News

Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites

WordPress sites under attack! A new malware campaign exploits Popup Builder plugin vulnerability (CVE-2023-6000) infecting over 3,900 sites

11 months ago

favicon imageDark Reading

Nearly 7K WordPress Sites Compromised by Balada Injector

Nearly 200K WordPress sites could be vulnerable to the attack thanks to CVE-2023-6000, lurking in the PopUp Builder plug-in.

1 year ago

References

https://wpscan.com/vulnerability/cdb3a8bd-4ee0-4ce0-9029-...
exploitvdb-entrytechnical-description
https://wpscan.com/blog/stored-xss-fixed-in-popup-builder...
technical-description

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • πŸ’°

    Used in Ransomware

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by Dark Reading

  • Vulnerability published

  • Vulnerability Reserved

Credit

Marc Montpas
WPScan
.