CVE-2024-12403
📋 TL;DR
This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting attacks via the 'awsmgallery' parameter in the Image Gallery – Responsive Photo Gallery WordPress plugin. Attackers can inject malicious scripts that execute when users click specially crafted links, potentially stealing session cookies or redirecting users to malicious sites. All WordPress sites using this plugin up to version 1.0.5 are affected.
💻 Affected Systems
- Image Gallery – Responsive Photo Gallery WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers steal administrator session cookies, gain administrative access to WordPress, install backdoors, deface websites, or distribute malware to visitors.
Likely Case
Attackers steal user session cookies, perform account takeovers, redirect users to phishing sites, or display malicious content.
If Mitigated
With proper web application firewalls and security headers, the attack is blocked or limited to non-sensitive user actions.
🎯 Exploit Status
Exploitation requires tricking users into clicking malicious links. No authentication required. Proof of concept is publicly available in vulnerability references.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.6 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Image Gallery – Responsive Photo Gallery'. 4. Click 'Update Now' if update available. 5. If no update appears, manually download version 1.0.6+ from WordPress.org and replace plugin files.
🔧 Temporary Workarounds
Disable Plugin
allTemporarily disable the vulnerable plugin until patched
wp plugin deactivate awesome-responsive-photo-gallery
Web Application Firewall Rule
allBlock requests containing malicious XSS payloads in the awsmgallery parameter
ModSecurity rule: SecRule ARGS:awsmgallery "@rx <script" "id:1001,phase:2,deny,status:403,msg:'XSS attempt in Image Gallery plugin'"
🧯 If You Can't Patch
- Implement Content Security Policy headers to restrict script execution
- Deploy a web application firewall with XSS protection rules
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for 'Image Gallery – Responsive Photo Gallery' version 1.0.5 or earlierCheck Version:
wp plugin get awesome-responsive-photo-gallery --field=versionVerify Fix Applied:
Verify plugin version is 1.0.6 or later in WordPress admin panel📡 Detection & Monitoring
Log Indicators:
- HTTP requests with awsmgallery parameter containing script tags or JavaScript code
- Unusual referrer URLs containing XSS payloads
Network Indicators:
- GET requests with awsmgallery parameter containing encoded script tags
- Traffic patterns showing users clicking suspicious gallery links
SIEM Query:
source="web_logs" awsmgallery AND ("<script" OR "javascript:" OR "onerror=" OR "onload=")🔗 References
- https://plugins.trac.wordpress.org/browser/awesome-responsive-photo-gallery/trunk/inc/arpg-process-options.php?rev=1877314
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3221064%40awesome-responsive-photo-gallery&new=3221064%40awesome-responsive-photo-gallery&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ca11e840-04bd-4731-bfa9-3bf8ed98e155?source=cve
