CVE-2024-3635
📋 TL;DR
The Post Grid WordPress plugin before version 7.5.0 contains a stored cross-site scripting (XSS) vulnerability in grid settings. This allows authenticated users with Editor privileges or higher to inject malicious scripts that execute when other users view affected pages. The vulnerability bypasses WordPress's unfiltered_html restriction, making it particularly dangerous in multisite configurations.
💻 Affected Systems
- Post Grid WordPress Plugin
📦 What is this software?
Post Grid, a WordPress plugin developed by Radiustheme.
⚠️ Risk & Real-World Impact
Worst Case
An attacker with editor access could inject malicious JavaScript that steals administrator credentials, redirects users to phishing sites, or performs administrative actions on behalf of logged-in users, potentially leading to complete site compromise.
Likely Case
Malicious editors inject tracking scripts, deface content, or steal session cookies from other users viewing affected grid pages.
If Mitigated
With proper user access controls and content security policies, the impact is limited to potential content manipulation within the editor's authorized scope.
🎯 Exploit Status
Exploitation requires authenticated access with Editor privileges. The vulnerability is in grid settings that editors can modify.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 7.5.0
Vendor Advisory: https://wpscan.com/vulnerability/63cbe5f4-fe0f-499f-a964-cf4fbedcfa25/
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the 'Post Grid' plugin.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 7.5.0+ from the WordPress plugin repository and update manually.
🔧 Temporary Workarounds
Restrict Editor Capabilities
Temporarily remove or restrict editor access to Post Grid settings using role management plugins.
Implement Content Security Policy
Add CSP headers to prevent execution of inline scripts and restrict script sources. Note that a policy of script-src 'self' also blocks the inline scripts that the WordPress admin and many themes and plugins depend on, so deploy it first as Content-Security-Policy-Report-Only, review the violation reports, and only then enforce it.
Add to .htaccess (requires mod_headers): Header set Content-Security-Policy "default-src 'self'; script-src 'self'"
Add to wp-config.php (must run before any output is sent): header("Content-Security-Policy: default-src 'self'; script-src 'self'");
🧯 If You Can't Patch
- Immediately audit and monitor all users with Editor role or higher for suspicious activity.
- Disable the Post Grid plugin entirely until patching is possible.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins → Post Grid version. If the version is below 7.5.0, the site is vulnerable.
Check Version:
wp plugin list --name=post-grid --field=version (if WP-CLI installed)
Verify Fix Applied:
Confirm Post Grid plugin version is 7.5.0 or higher in WordPress admin panel.
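For sites where WP-CLI is not available, the version can be read straight from the plugin file header the same way WordPress does. The script below is an added example, not part of this advisory or of the plugin; it assumes the plugin's main file lives at wp-content/plugins/post-grid/post-grid.php (run it from the WordPress root), and it compares versions numerically so that 7.10.0 is correctly treated as newer than 7.5.0, which a plain string comparison gets wrong.

```python
import re
from pathlib import Path
from typing import Optional

FIXED_VERSION = "7.5.0"  # first release that contains the fix for CVE-2024-3635
# Assumption: path of the plugin's main file relative to the WordPress root.
PLUGIN_MAIN_FILE = "wp-content/plugins/post-grid/post-grid.php"

# Constructed sample of a WordPress plugin file header (not the real plugin file).
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: Post Grid
 * Version: 7.4.10
 */
"""


def parse_plugin_version(header_text: str) -> Optional[str]:
    """Extract the 'Version:' value from a WordPress plugin file header."""
    m = re.search(r"^\s*\*?\s*Version:\s*([0-9][0-9A-Za-z.\-]*)", header_text, re.MULTILINE)
    return m.group(1) if m else None


def version_tuple(version: str) -> tuple:
    """Keep only the numeric dotted prefix (7.5.0-beta -> (7, 5, 0)) for comparison."""
    nums = re.match(r"[0-9]+(?:\.[0-9]+)*", version).group(0)
    return tuple(int(part) for part in nums.split("."))


def is_vulnerable(installed: str) -> bool:
    """True when the installed version is older than the first fixed release."""
    return version_tuple(installed) < version_tuple(FIXED_VERSION)


def check_plugin_file(path: str = PLUGIN_MAIN_FILE) -> dict:
    """Report whether the plugin is installed, its version, and whether it is vulnerable."""
    plugin_file = Path(path)
    if not plugin_file.exists():
        return {"installed": False, "version": None, "vulnerable": False}
    with plugin_file.open(encoding="utf-8", errors="replace") as fh:
        header = fh.read(8192)  # WordPress also reads plugin headers from the first 8 KiB
    version = parse_plugin_version(header)
    return {"installed": True, "version": version,
            "vulnerable": is_vulnerable(version) if version else None}


if __name__ == "__main__":
    sample_version = parse_plugin_version(SAMPLE_HEADER)
    print(f"sample header: version {sample_version}, vulnerable={is_vulnerable(sample_version)}")
    print(check_plugin_file())
```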
📡 Detection & Monitoring
Log Indicators:
- Unusual modifications to Post Grid settings by editor users
- Multiple failed login attempts followed by successful editor login
Network Indicators:
- Unexpected external script loads from Post Grid pages
- Suspicious outbound connections from WordPress admin sessions
SIEM Query:
source="wordpress.log" AND ("post-grid" OR "grid settings") AND ("update" OR "modify" OR "save")