Login Sign Up

CVE-2024-8032

6.1 MEDIUM
Cross-Site Scripting CSRF

📋 TL;DR

The Smooth Gallery Replacement WordPress plugin through version 1.0 lacks CSRF protection and proper input sanitization/escaping. This allows attackers to trick logged-in administrators into executing stored cross-site scripting (XSS) attacks via CSRF. WordPress sites using this vulnerable plugin are affected.

💻 Affected Systems

Products:
  • Smooth Gallery Replacement WordPress Plugin
Versions: All versions up to and including 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with the plugin activated and an administrator logged in.

📦 What is this software?

Smooth Gallery Replacement by Ulfbenjaminsson

View all CVEs affecting Smooth Gallery Replacement →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could inject malicious JavaScript that steals administrator credentials, takes over the WordPress site, or redirects visitors to malicious sites.

🟠

Likely Case

Attackers inject XSS payloads that hijack admin sessions, deface the website, or steal sensitive data from logged-in users.

🟢

If Mitigated

With proper web application firewalls and admin security awareness, exploitation attempts would be blocked or detected before causing damage.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires tricking a logged-in administrator into clicking a malicious link or visiting a crafted page.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://wpscan.com/vulnerability/4c9120b1-ca81-411b-a2e2-a8d30f32a74b/

Restart Required: No

Instructions:

1. Remove the Smooth Gallery Replacement plugin completely. 2. Install an alternative gallery plugin from the official WordPress repository. 3. Clear browser caches and WordPress caches.

🔧 Temporary Workarounds

Disable Plugin

all

Deactivate the Smooth Gallery Replacement plugin to prevent exploitation.

wp plugin deactivate smooth-gallery-replacement

Implement CSRF Protection

all

Add CSRF tokens to WordPress forms using security plugins or custom code.

🧯 If You Can't Patch

  • Remove the plugin entirely and use an alternative.
  • Restrict admin access to trusted networks only.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for 'Smooth Gallery Replacement' version 1.0 or earlier.

Check Version:

wp plugin get smooth-gallery-replacement --field=version

Verify Fix Applied:

Confirm the plugin is no longer installed or active in the WordPress plugins list.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to WordPress admin-ajax.php or plugin-specific endpoints from unexpected sources.
  • JavaScript injection patterns in WordPress database or file modifications.

Network Indicators:

  • HTTP requests containing suspicious script tags or encoded payloads targeting WordPress admin interfaces.

SIEM Query:

source="wordpress.log" AND (uri_path="/wp-admin/admin-ajax.php" OR uri_path CONTAINS "smooth-gallery") AND (http_method="POST" AND user_agent NOT IN trusted_list)

📊 Metadata

CVE ID: CVE-2024-8032
CVSS v3 Score: 6.1 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE: CWE-352
EPSS Score: 0.04% exploit probability (12.9th percentile)
Published: May 15, 2025
Last Updated: June 12, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-8032, you might also want to check these:

CVE-2025-23922 10.0

A Cross-Site Request Forgery (CSRF) vulnerability in the Harsh iSpring Embedder WordPress plugin all...

Same vulnerability type (CWE-352)
CVE-2018-18934 9.8

This vulnerability in PopojiCMS v2.0.1 allows remote attackers to upload and execute arbitrary PHP c...

Same vulnerability type (CWE-352)
CVE-2020-10181 9.8

This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in Sumavision Enhanced Multimed...

Same vulnerability type (CWE-352)