Login Sign Up

CVE-2023-47508

7.1 HIGH
Cross-Site Scripting

📋 TL;DR

Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the Averta Master Slider Pro WordPress plugin allows attackers to inject malicious scripts via crafted URLs. When users click malicious links, attackers can steal session cookies, redirect users, or perform actions on their behalf. This affects WordPress sites using Master Slider Pro version 3.6.5 and earlier.

💻 Affected Systems

Products:
  • Averta Master Slider Pro WordPress Plugin
Versions: <= 3.6.5
Operating Systems: All platforms running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations with vulnerable plugin versions are affected regardless of configuration.

📦 What is this software?

Master Slider by Averta

View all CVEs affecting Master Slider →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers steal administrator session cookies, gain full control of WordPress site, install backdoors, deface site, or steal sensitive data.

🟠

Likely Case

Attackers steal user session cookies, redirect users to phishing sites, or perform limited actions as authenticated users.

🟢

If Mitigated

With proper Content Security Policy (CSP) headers and input validation, impact is limited to script execution in user's browser only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Reflected XSS vulnerabilities are trivial to exploit with simple crafted URLs. Public proof-of-concept exists in vulnerability databases.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.6.6 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/masterslider/wordpress-master-slider-pro-plugin-3-6-5-reflected-cross-site-scripting-xss-vulnerability

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find Master Slider Pro. 4. Click 'Update Now' if update available. 5. Alternatively, download latest version from WordPress repository and replace plugin files.

🔧 Temporary Workarounds

Temporary Plugin Deactivation

all

Disable Master Slider Pro plugin until patched

wp plugin deactivate masterslider

Web Application Firewall (WAF) Rules

all

Block XSS payloads at network perimeter

Add WAF rule: Block requests containing <script> tags in URL parameters

🧯 If You Can't Patch

  • Implement strict Content Security Policy (CSP) headers to prevent script execution
  • Use web application firewall to filter malicious input and block XSS payloads

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for Master Slider Pro version

Check Version:

wp plugin list --name=masterslider --field=version

Verify Fix Applied:

Verify plugin version is 3.6.6 or higher in WordPress admin

📡 Detection & Monitoring

Log Indicators:

  • URLs containing suspicious script tags or JavaScript in query parameters
  • Multiple 404 errors with script-like parameters

Network Indicators:

  • HTTP requests with <script> tags in URL parameters
  • Unusual redirects from Master Slider pages

SIEM Query:

source="web_server" AND (url="*<script>*" OR url="*javascript:*") AND url="*/wp-content/plugins/masterslider/*"

📊 Metadata

CVE ID: CVE-2023-47508
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
CWE: CWE-79
Published: November 16, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-47508, you might also want to check these:

CVE-2021-39199 10.0

CVE-2021-39199 is a critical cross-site scripting (XSS) vulnerability in the remark-html Node.js lib...

Same vulnerability type (CWE-79)
CVE-2021-32671 10.0

This vulnerability in Flarum forum software allows attackers to inject malicious HTML/JavaScript int...

Same vulnerability type (CWE-79)
CVE-2021-32798 10.0

CVE-2021-32798 is a critical vulnerability in Jupyter Notebook that allows malicious notebook files ...

Same vulnerability type (CWE-79)