CVE-2024-1775

Name of the Vulnerable Software and Affected Versions Nextend Social Login and Register plugin for WordPress versions up to, and including, 3.1.12

Description The Nextend Social Login and Register plugin for WordPress is vulnerable to a self-based Reflected Cross-Site Scripting via the error description parameter due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers, with access to a subscriber-level account, to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Successful exploitation requires "Debug mode" to be enabled in the plugin's "Global Settings". The vulnerability can be exploited against an OAuth pre-authenticated higher-level user, such as an administrator, by leveraging a cross-site request forgery in conjunction with a certain social engineering technique to achieve a critical impact scenario, including cross-site scripting to administrator-level account creation.

Recommendations For versions up to, and including, 3.1.12, update the plugin to a version that fixes the vulnerability. As a temporary workaround, consider disabling the "Debug mode" in the plugin's "Global Settings" until a patch is available. Restrict access to the error description parameter to minimize the risk of exploitation.