CVE-2023-3168

7.2 HIGH

📋 TL;DR

The WP Reroute Email plugin for WordPress has a stored cross-site scripting (XSS) vulnerability in versions up to 1.4.9, allowing unauthenticated attackers to inject malicious scripts via email subjects. This affects WordPress sites using the vulnerable plugin, potentially compromising user sessions or defacing pages when users view injected content.

💻 Affected Systems

Products:
  • WP Reroute Email plugin for WordPress
Versions: Up to and including version 1.4.9
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations with the vulnerable plugin enabled are affected, regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, redirect users to malicious sites, or perform actions as authenticated users, leading to full site compromise or data theft.

🟠 Likely Case

Attackers inject malicious scripts to deface pages, steal user data, or spread malware to visitors, causing reputational damage and potential legal issues.

🟢 If Mitigated

With proper input sanitization and output escaping, the risk is reduced to low: injected markup is rendered as text rather than executed, limiting the impact to minor disruptions.

🌐 Internet-Facing: HIGH, as the vulnerability is exploitable by unauthenticated attackers via public-facing WordPress pages, making it easily accessible.
🏢 Internal Only: LOW, since a WordPress site hosted internally and reachable only by trusted users has far less exposure to external threats.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is straightforward due to unauthenticated access and lack of input sanitization, making it attractive for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 1.5.0 or later

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/2933637/wp-reroute-email

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find WP Reroute Email and update to version 1.5.0 or later.
4. Verify that the update completes successfully.

🔧 Temporary Workarounds

Disable the plugin

Temporarily deactivate the WP Reroute Email plugin to prevent exploitation until patching is possible.

wp plugin deactivate wp-reroute-email

🧯 If You Can't Patch

  • Implement a web application firewall (WAF) to block XSS payloads in email subjects.
  • Restrict access to the WordPress admin panel and monitor for unusual activity or script injections.

🔍 How to Verify

Check if Vulnerable:

Check the plugin version in the WordPress admin under Plugins > Installed Plugins; if the version is 1.4.9 or lower, the installation is vulnerable.

Check Version:

wp plugin get wp-reroute-email --field=version

Verify Fix Applied:

After updating, confirm in the same location that the plugin version is 1.5.0 or higher, and test that email subject inputs are rendered without script execution.
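As an added example (not part of this advisory or of the plugin itself), the following POSIX shell helper wraps the WP-CLI command above and compares the reported version numerically against the fixed release 1.5.0, so that a string comparison cannot mis-rank a version such as 1.4.10 below 1.4.9. The function names, the RUN_LIVE_CHECK and WP_CLI_ARGS variables are assumptions, and versions are assumed to be plain dotted numbers.

```shell
#!/bin/sh
# Added example (not from the advisory): numeric dotted-version comparison so
# that the installed wp-reroute-email version is ranked correctly against the
# fixed release. Plain string comparison would wrongly rank "1.4.10" < "1.4.9".
# Assumes versions are plain dotted numbers (no "v" prefix, no "-rc" suffix).

FIXED_VERSION="1.5.0"

# version_lt A B: succeed when dotted version A is numerically lower than B.
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah="${a%%.*}"; bh="${b%%.*}"            # leading component of each
        case "$a" in *.*) a="${a#*.}";; *) a="";; esac
        case "$b" in *.*) b="${b#*.}";; *) b="";; esac
        ah="${ah:-0}"; bh="${bh:-0}"            # missing components count as 0
        if [ "$ah" -lt "$bh" ]; then return 0; fi
        if [ "$ah" -gt "$bh" ]; then return 1; fi
    done
    return 1                                    # versions are equal
}

# is_vulnerable_version V: succeed when V is below the fixed release.
is_vulnerable_version() {
    version_lt "$1" "$FIXED_VERSION"
}

# check_site: query the live install with the WP-CLI command from the advisory
# and return 1 (vulnerable), 0 (patched) or 2 (plugin absent / WP-CLI error).
# WP_CLI_ARGS (assumed name) can carry e.g. --path=/var/www/html.
check_site() {
    ver="$(wp plugin get wp-reroute-email --field=version ${WP_CLI_ARGS:-})" || {
        echo "wp-reroute-email: not installed or WP-CLI failed"; return 2; }
    if is_vulnerable_version "$ver"; then
        echo "wp-reroute-email $ver: VULNERABLE to CVE-2023-3168, update to $FIXED_VERSION or later"
        return 1
    fi
    echo "wp-reroute-email $ver: patched ($FIXED_VERSION or later)"
}

# Only touch the live site when explicitly requested (assumed variable name).
if [ "${RUN_LIVE_CHECK:-0}" = 1 ]; then check_site; fi
```

Run it from the WordPress root with RUN_LIVE_CHECK=1 to check the installed copy; the exit code makes it usable from a fleet-wide audit loop.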

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to plugin endpoints with script tags in email subjects
  • Error logs showing XSS attempts or script injections

Network Indicators:

  • HTTP requests containing malicious script payloads in email subject parameters

SIEM Query:

source="wordpress_logs" AND ("wp-reroute-email" OR "email subject") AND ("script" OR "onerror" OR "javascript:")
