CVE-2023-32105

7.1 HIGH

📋 TL;DR

An unauthenticated reflected cross-site scripting (XSS) vulnerability in the WPPizza WordPress plugin allows attackers to inject malicious scripts via crafted URLs. When users click malicious links, attackers can steal session cookies, redirect users, or perform actions on their behalf. This affects all WordPress sites running the WPPizza plugin at version 3.17.1 or earlier.

💻 Affected Systems

Products:
  • WPPizza - A Restaurant Plugin for WordPress
Versions: <= 3.17.1
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations with vulnerable plugin versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator session cookies, gain full administrative access to the WordPress site, install backdoors, deface the website, or steal sensitive customer data.

🟠 Likely Case

Attackers steal user session cookies, redirect users to phishing sites, or perform limited actions within user context.

🟢 If Mitigated

With proper Content Security Policy (CSP) headers and input validation, malicious scripts are blocked from executing.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking malicious link) but is trivial to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.17.2 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/wppizza/wordpress-wppizza-a-restaurant-plugin-plugin-3-17-1-reflected-cross-site-scripting-xss-vulnerability

Restart Required: No

Instructions:

1. Log into WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find WPPizza plugin.
4. Click 'Update Now' if update available.
5. If no update appears, manually download version 3.17.2+ from WordPress.org and replace plugin files.

🔧 Temporary Workarounds

Implement Content Security Policy

all

Add CSP headers to block inline script execution and restrict script sources.

Add to .htaccess: Header set Content-Security-Policy "default-src 'self'; script-src 'self'"
Add to nginx config: add_header Content-Security-Policy "default-src 'self'; script-src 'self'";

Disable Plugin

all

Temporarily disable WPPizza plugin until patched.

wp plugin deactivate wppizza
Or via WordPress admin: Plugins > Installed Plugins > WPPizza > Deactivate

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block XSS payloads in URLs
  • Restrict plugin access to authenticated users only via .htaccess or nginx rules

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel: Plugins > Installed Plugins, find WPPizza and check version number.

Check Version:

wp plugin get wppizza --field=version

Verify Fix Applied:

Verify plugin version is 3.17.2 or later in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusually long URLs with script tags in access logs
  • Multiple 404 errors for crafted URLs containing script payloads

Network Indicators:

  • HTTP requests with script tags in query parameters
  • Unusual redirects from your domain

SIEM Query:

source="web_access_logs" AND (url="*<script>*" OR url="*javascript:*")
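
The SIEM query above matches only literal script-tag and javascript: strings, while such values normally appear percent-encoded (sometimes twice) in access logs. The following Python script is an added example, not part of the original advisory: it decodes each query string before matching the same two indicators; the log lines, hosts, paths and parameter names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Request part of a Combined Log Format line: "METHOD target PROTOCOL" status
REQUEST_RE = re.compile(
    r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# The two indicators named above: script tags and javascript: URIs.
MARKER_RE = re.compile(r'<\s*script\b|javascript\s*:', re.IGNORECASE)

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised too."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines):
    """Return (status, decoded query) for requests whose query string
    carries a script marker after decoding."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m or "?" not in m.group("target"):
            continue
        query = decode_fully(m.group("target").split("?", 1)[1])
        if MARKER_RE.search(query):
            hits.append((int(m.group("status")), query))
    return hits

# Constructed sample lines (hypothetical hosts, paths and parameter names).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/May/2023:10:01:02 +0000] "GET /menu/?item=margherita HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/May/2023:10:01:05 +0000] "GET /?example=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 4871',
    '203.0.113.9 - - [10/May/2023:10:01:09 +0000] "GET /missing?example=%253CScRipt%253Ealert(1) HTTP/1.1" 404 312',
    '198.51.100.4 - - [10/May/2023:10:02:11 +0000] "GET /?next=JaVaScRiPt%3Aalert(1) HTTP/1.1" 200 4871',
]

if __name__ == "__main__":
    for status, query in suspicious_requests(SAMPLE_LOG):
        print(status, query)
```

The returned status codes also let you separate the 404 probes listed under Log Indicators from requests that reached a rendered page.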
