FooGallery < 2.4.15 – Author+ Stored XSS | CVE 2024-2762 | Plugin Vulnerabilities

Description

The plugin does not validate and escape some of its Gallery settings before outputting them back in the page, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin

Proof of Concept

Create a new Gallery (with at least one image) and put the below payload in the Gallery Settings > Advanced >  Custom Attributes settings

123="" onpointerenter="alert(/XSS/)"

The XSS will be triggered in page/post where the gallery is embed and the mouse is moved over the image from the gallery

Affects Plugins

Fixed in 2.4.15

foogallery-premium

Fixed in 2.4.15

References

CVE

URL

https://research.cleantalk.org/cve-2024-2762/

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Dmitrii Ignatyev

Submitter

Dmitrii Ignatyev

Submitter website

https://research.cleantalk.org

Verified

Yes

WPVDB ID

92e0f5ca-0184-4e9c-b01a-7656e05dce69

Timeline

Publicly Published

2024-05-23 (about 1 year ago)

Added

2024-05-23 (about 1 year ago)

Last Updated

2024-06-06 (about 1 year ago)

Other

Published

Title

Published

2025-10-21

Title

Welcart e-Commerce < 2.11.23 - Authenticated (Editor+) Stored Cross-Site Scripting via order_mail

Published

2015-01-31

Title

Geo Mashup <= 1.8.2 - Cross-Site Scripting (XSS)

Published

2024-02-20

Title

3D FlipBook – PDF Flipbook WordPress < 1.15.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Bookmarks

Published

2014-08-01

Title

ReFlex Gallery 1.4.2 - Unspecified XSS

Published

2024-09-09

Title

Slider by 10Web < 1.2.59 - Admin+ Stored XSS