CVE-2023-32797
📋 TL;DR
This vulnerability allows attackers to inject malicious scripts into WordPress sites using the Video Carousel Slider with Lightbox plugin. When users view pages containing the injected scripts, attackers can steal session cookies, redirect users, or perform actions on their behalf. All WordPress sites running vulnerable versions of this plugin are affected.
💻 Affected Systems
- I Thirteen Web Solution Video Carousel Slider with Lightbox WordPress Plugin
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Attackers steal administrator session cookies, gain full administrative access to WordPress sites, install backdoors, deface websites, or exfiltrate sensitive data.
Likely Case
Attackers steal user session cookies, redirect visitors to malicious sites, or perform limited actions within the user's context.
If Mitigated
With proper input validation and output encoding, malicious scripts are neutralized before execution, preventing any impact.
🎯 Exploit Status
Reflected XSS vulnerabilities are commonly exploited and require minimal technical skill.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.23 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Video Carousel Slider with Lightbox'. 4. Click 'Update Now' if update is available. 5. Alternatively, download version 1.0.23+ from WordPress repository and manually update.
🔧 Temporary Workarounds
Disable vulnerable plugin
allTemporarily disable the plugin until patched
wp plugin deactivate wp-responsive-video-gallery-with-lightbox
Implement WAF rules
allAdd XSS protection rules to web application firewall
🧯 If You Can't Patch
- Implement Content Security Policy (CSP) headers to restrict script execution
- Use web application firewall with XSS protection rules
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Video Carousel Slider with Lightbox version numberCheck Version:
wp plugin get wp-responsive-video-gallery-with-lightbox --field=versionVerify Fix Applied:
Verify plugin version is 1.0.23 or higher in WordPress admin📡 Detection & Monitoring
Log Indicators:
- Unusual GET/POST parameters containing script tags in web server logs
- Multiple failed XSS attempts in security logs
Network Indicators:
- HTTP requests with script tags in query parameters
- Unusual redirects to external domains
SIEM Query:
source="web_server" AND ("<script" OR "javascript:" OR "onerror=" OR "onload=")🔗 References
- https://patchstack.com/database/vulnerability/wp-responsive-video-gallery-with-lightbox/wordpress-video-carousel-slider-with-lightbox-plugin-1-0-22-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/wp-responsive-video-gallery-with-lightbox/wordpress-video-carousel-slider-with-lightbox-plugin-1-0-22-cross-site-scripting-xss-vulnerability?_s_id=cve
