Armis Vulnerability Intelligence Database

Description Preview

The Cool Tag Cloud WordPress plugin before version 2.26 contains a stored Cross-Site Scripting (XSS) vulnerability. The plugin does not properly escape the style attribute of the cool_tag_cloud shortcode, allowing users with privileges as low as Contributor to inject malicious JavaScript code that executes in visitors' browsers when they view affected pages.

Overview

The Cool Tag Cloud WordPress plugin enhances tag cloud display functionality on WordPress sites. In versions prior to 2.26, the plugin fails to properly sanitize or validate user input in the style attribute of its shortcode. This vulnerability allows authenticated users with contributor-level access or higher to inject malicious JavaScript code into pages. When other users (including administrators) view these pages, the injected code executes in their browsers, potentially leading to cookie theft, credential harvesting, or other malicious actions performed in the context of the victim's session.

Remediation

Update the Cool Tag Cloud WordPress plugin to version 2.26 or later immediately.
If immediate updating is not possible, consider temporarily disabling the plugin until it can be updated.
Review any content created by contributors or other users for potential malicious shortcode usage.
Consider implementing a Web Application Firewall (WAF) to provide additional protection against XSS attacks.
Follow the principle of least privilege by limiting the number of users with contributor or higher roles.

References

WPScan Vulnerability Database: https://wpscan.com/vulnerability/7dfdd50d-77f9-4f0a-8673-8f033c0b0e05
Common Weakness Enumeration: CWE-79 (Improper Neutralization of Input During Web Page Generation)
OWASP XSS Prevention Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

Accommodation & Food Services
Accommodation & Food Services
Administrative, Support, Waste Management & Remediation Services
Administrative, Support, Waste Management & Remediation Services
Agriculture, Forestry Fishing & Hunting
Agriculture, Forestry Fishing & Hunting
Arts, Entertainment & Recreation
Arts, Entertainment & Recreation
Construction
Construction
Educational Services
Educational Services
Finance and Insurance
Finance and Insurance
Health Care & Social Assistance
Health Care & Social Assistance
Information
Information
Management of Companies & Enterprises
Management of Companies & Enterprises
Manufacturing
Manufacturing
Mining
Mining
Other Services (except Public Administration)
Other Services (except Public Administration)
Professional, Scientific, & Technical Services
Professional, Scientific, & Technical Services
Public Administration
Public Administration
Real Estate Rental & Leasing
Real Estate Rental & Leasing
Retail Trade
Retail Trade
Transportation & Warehousing
Transportation & Warehousing
Utilities
Utilities
Wholesale Trade
Wholesale Trade

^{CVE-2021-24682:}Cross-Site Scripting (XSS) vulnerability in Cool Tag Cloud WordPress plugin before version 2.26

Description Preview

Overview

Remediation

References

Focus on What Matters

Let's talk!