CVE-2024-13384

4.8 MEDIUM

📋 TL;DR

This vulnerability in the Rbs Image Gallery WordPress plugin allows administrator-level users to store script content in the plugin's settings (stored cross-site scripting), which then executes in the browser of any user who views the affected pages. It affects WordPress sites running vulnerable plugin versions and matters most in multisite configurations, where administrators are normally denied the unfiltered_html capability and would otherwise be unable to store unsanitized markup.

💻 Affected Systems

Products:
  • Rbs Image Gallery WordPress Plugin
Versions: All versions before 3.2.24
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrator-level access to exploit; most relevant in WordPress multisite installations, where the unfiltered_html capability is normally withheld from administrators.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Administrator account compromise leads to site-wide XSS affecting all visitors, potentially resulting in credential theft, session hijacking, or malware distribution.

🟠 Likely Case

A malicious or compromised admin stores XSS payloads that affect other privileged users, potentially leading to privilege escalation or data exfiltration.

🟢 If Mitigated

Exposure is limited to admin users only, with minimal impact if proper user access controls and content security policies are in place.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires administrative privileges; no public exploit code identified at time of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.2.24

Vendor Advisory: https://wpscan.com/vulnerability/f65d8a83-6ce8-40be-8633-deffd555c349/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Rbs Image Gallery' and check whether an update is available.
4. Click 'Update Now' to upgrade to version 3.2.24 or later.

🔧 Temporary Workarounds

Disable Plugin (applies to: all)

Temporarily disable the vulnerable plugin until patched:

  wp plugin deactivate rbs-image-gallery

Restrict Admin Access (applies to: all)

Limit administrative accounts to trusted users only.

🧯 If You Can't Patch

  • Implement Content Security Policy (CSP) headers to restrict script execution
  • Apply strict user access controls and monitor admin activity logs

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Rbs Image Gallery → Version number

Check Version:

wp plugin get rbs-image-gallery --field=version

Verify Fix Applied:

Confirm plugin version is 3.2.24 or higher in WordPress admin panel
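An added example, not from the advisory or the plugin vendor, that turns the manual check above into a script: it compares the installed version with the fixed release 3.2.24 component by component, because a plain string comparison would rank "3.2.9" above "3.2.24". The live check assumes wp-cli is installed and the site path (default /var/www/html here) is adjusted to your install.

```shell
#!/bin/sh
# Added example: flag an Rbs Image Gallery install that is below the
# fixed release 3.2.24 named in the advisory. The comparison is pure
# POSIX shell so it can be tested offline; check_site feeds it the
# output of the advisory's own wp-cli command.

FIXED_VERSION="3.2.24"

# Compare two dotted versions numerically, one component at a time.
# Prints -1, 0 or 1 for a<b, a==b, a>b. Missing components count as 0,
# and non-numeric suffixes such as "-beta" are dropped.
version_cmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah="${a%%.*}"; bh="${b%%.*}"
        ah="${ah%%[!0-9]*}"; bh="${bh%%[!0-9]*}"
        ah="${ah:-0}"; bh="${bh:-0}"
        if [ "$ah" -lt "$bh" ]; then printf '%s\n' -1; return; fi
        if [ "$ah" -gt "$bh" ]; then printf '%s\n' 1; return; fi
        case "$a" in *.*) a="${a#*.}";; *) a="";; esac
        case "$b" in *.*) b="${b#*.}";; *) b="";; esac
    done
    printf '%s\n' 0
}

# True (exit 0) when the given version is affected, i.e. below 3.2.24.
rbs_gallery_vulnerable() {
    [ "$(version_cmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# Live check against a site: the --path value is an assumption, pass
# the WordPress root of the site being checked as the first argument.
# Exit codes: 0 patched, 1 vulnerable, 2 plugin absent or wp-cli failed.
check_site() {
    v="$(wp plugin get rbs-image-gallery --field=version --path="${1:-/var/www/html}" 2>/dev/null)" || {
        echo "rbs-image-gallery not installed or wp-cli failed"; return 2; }
    if rbs_gallery_vulnerable "$v"; then
        echo "VULNERABLE: rbs-image-gallery $v < $FIXED_VERSION (update to $FIXED_VERSION or later)"
        return 1
    fi
    echo "OK: rbs-image-gallery $v >= $FIXED_VERSION"
}

# Usage: . ./check-rbs-gallery.sh && check_site /var/www/html
```

The exit code of check_site makes the script usable from a cron job or fleet-wide loop over site roots, with non-zero results feeding whatever alerting the host already has.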

📡 Detection & Monitoring

Log Indicators:

  • Unusual plugin setting modifications
  • Admin users saving suspicious content in gallery settings

Network Indicators:

  • Unexpected script tags in gallery page responses
  • Suspicious JavaScript in plugin-generated content

SIEM Query:

source="wordpress" AND (event="plugin_updated" OR event="option_updated") AND plugin="rbs-image-gallery"
