CVE-2023-33333
📋 TL;DR
This vulnerability allows attackers to perform Cross-Site Request Forgery (CSRF) attacks that lead to site-wide Cross-Site Scripting (XSS) in the Complianz WordPress plugins. Attackers can trick authenticated administrators into executing malicious actions, potentially injecting malicious scripts across the entire website. All WordPress sites using vulnerable versions of Complianz or Complianz Premium plugins are affected.
💻 Affected Systems
- Complianz
- Complianz Premium
📦 What is this software?
Complianz by Really Simple Plugins
⚠️ Risk & Real-World Impact
Worst Case
Complete site takeover through persistent XSS payloads that affect all visitors, leading to credential theft, malware distribution, or defacement.
Likely Case
Attackers inject malicious JavaScript that steals session cookies or redirects users to phishing sites, compromising user accounts and data.
If Mitigated
Limited impact with proper CSRF protections and content security policies in place, though some administrative functions may still be vulnerable.
🎯 Exploit Status
Exploitation requires tricking an authenticated administrator into clicking a malicious link or visiting a compromised page. The CSRF-to-XSS chain makes this particularly dangerous.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Complianz: 6.4.5+, Complianz Premium: 6.4.6.2+
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Complianz or Complianz Premium.
4. Click 'Update Now' if available.
5. If the auto-update fails, download the latest version from the WordPress repository or the vendor site and update manually.
🔧 Temporary Workarounds
Temporary Plugin Deactivation
Disable the vulnerable plugin until patching is possible:
wp plugin deactivate complianz-gdpr
wp plugin deactivate complianz-gdpr-premium
CSRF Protection Headers
Implement Content Security Policy (CSP) headers to limit the impact of injected scripts:
Add to .htaccess (requires mod_headers): Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:"
Add to nginx config: add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:";
Note that 'unsafe-inline' and the broad https: source are kept for compatibility with WordPress and its plugins; they still permit inline scripts and scripts from any HTTPS origin, so this policy reduces rather than removes XSS impact and is no substitute for the patch.
🧯 If You Can't Patch
- Restrict administrative access to trusted networks only using firewall rules or VPN
- Implement additional authentication factors for WordPress admin users
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Installed Plugins for Complianz version numbers
Check Version:
wp plugin list --name=complianz-gdpr --field=version
wp plugin list --name=complianz-gdpr-premium --field=version
Verify Fix Applied:
Verify plugin version is Complianz 6.4.5+ or Complianz Premium 6.4.6.2+ in WordPress admin
📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to wp-admin/admin-ajax.php with Complianz-related actions
- Multiple failed CSRF token validations in WordPress debug logs
Network Indicators:
- Suspicious referrer headers in admin requests
- Unexpected JavaScript injection in plugin settings pages
SIEM Query:
source="wordpress.log" AND ("complianz" OR "gdpr") AND ("admin-ajax" OR "csrf")
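As an added example (not part of this advisory), a small Python filter that applies the log indicators above to web-server access logs: it flags POST requests to admin-ajax.php that carry a Complianz-related action and whose Referer is missing or from another host, the shape a cross-site request leaves behind. The site hostname, the "cmplz"/"complianz" action markers, the action names and the sample log lines are all constructed assumptions, not values from the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qs

SITE_HOST = "example.com"  # assumed hostname of the protected site (constructed)
# Assumed substrings identifying Complianz AJAX actions; adjust to the real action names.
PLUGIN_ACTION_MARKERS = ("cmplz", "complianz")

# Apache/nginx "combined" format: ip - user [time] "METHOD path HTTP/x" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def suspicious_admin_ajax(line):
    """Return details of the request if it matches the advisory's indicators:
    a POST to admin-ajax.php with a Complianz-related action whose Referer is
    absent or points at a different host. Returns None otherwise."""
    m = LOG_RE.match(line)
    if not m:
        return None
    if m["method"] != "POST" or not m["path"].startswith("/wp-admin/admin-ajax.php"):
        return None
    # The action is taken from the query string; a body-only action is not visible in access logs.
    action = parse_qs(urlsplit(m["path"]).query).get("action", [""])[0]
    if not any(marker in action.lower() for marker in PLUGIN_ACTION_MARKERS):
        return None
    referer = m["referer"]
    ref_host = urlsplit(referer).hostname if referer not in ("", "-") else None
    if ref_host == SITE_HOST:
        return None  # same-site request, not a CSRF indicator
    return {"ip": m["ip"], "time": m["time"], "action": action, "referer": referer}


def scan(lines):
    """Run the indicator check over an iterable of log lines and collect the hits."""
    return [hit for hit in map(suspicious_admin_ajax, lines) if hit]


# Constructed sample lines, not real traffic: cross-site POST, same-site POST, GET, Referer-less POST.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jun/2023:10:01:02 +0000] "POST /wp-admin/admin-ajax.php?action=cmplz_save_settings HTTP/1.1" 200 512 "https://attacker.example/lure.html" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Jun/2023:10:02:15 +0000] "POST /wp-admin/admin-ajax.php?action=cmplz_save_settings HTTP/1.1" 200 512 "https://example.com/wp-admin/admin.php?page=complianz" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Jun/2023:10:03:40 +0000] "GET /wp-admin/admin-ajax.php?action=cmplz_get_banner HTTP/1.1" 200 128 "-" "Mozilla/5.0"',
    '203.0.113.6 - - [10/Jun/2023:10:04:00 +0000] "POST /wp-admin/admin-ajax.php?action=cmplz_save_settings HTTP/1.1" 200 512 "-" "curl/8.0"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Only the first and last sample lines are reported; a legitimate admin-initiated save from the site's own pages passes the Referer check.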
🔗 References
- https://patchstack.com/database/vulnerability/complianz-gdpr-premium/wordpress-complianz-premium-plugin-6-4-6-1-csrf-to-site-wide-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/complianz-gdpr/wordpress-complianz-plugin-6-4-4-csrf-lead-to-site-wide-cross-site-scripting-xss-vulnerability?_s_id=cve