CVE-2024-1720 is a stored cross-site scripting vulnerability identified in the wpeverest User Registration – Custom Registration Form, Login Form, and User Profile WordPress plugin, affecting all versions up to and including 3.1.4. The root cause is insufficient input sanitization and output escaping of the 'Display Name' parameter, which allows attackers to inject arbitrary JavaScript code that is stored persistently and executed when a user accesses the affected page. This vulnerability can be exploited by unauthenticated attackers who submit malicious payloads via the registration or profile update forms. However, successful exploitation requires social engineering to convince a user to log in and view the injected content, as the malicious script executes in the context of the logged-in user’s browser. The impact includes potential theft of session cookies, user impersonation, and unauthorized actions performed on behalf of the victim. The vulnerability does not affect system availability but compromises confidentiality and integrity. The CVSS 3.1 score of 4.7 reflects a medium severity due to the requirement of user interaction and the complexity of exploitation. No public exploits or active exploitation have been reported to date. The vulnerability highlights the importance of proper input validation and output encoding in web applications, especially plugins that handle user-generated content. Organizations using this plugin should prioritize patching or applying workarounds to prevent exploitation.

The primary impact of CVE-2024-1720 is on the confidentiality and integrity of user data within affected WordPress sites. An attacker can inject malicious scripts that execute in the context of authenticated users, potentially leading to session hijacking, credential theft, or unauthorized actions performed with the victim’s privileges. Although the vulnerability does not directly affect system availability, the compromise of user accounts can lead to further attacks, data leakage, or reputational damage. The requirement for social engineering reduces the likelihood of widespread exploitation but does not eliminate risk, especially in environments with less security awareness. Organizations relying on this plugin for user registration and profile management face risks of targeted attacks against their user base. The vulnerability could be leveraged in phishing campaigns or combined with other exploits to escalate privileges or move laterally within a network. Overall, the impact is moderate but significant enough to warrant prompt remediation.

1. Upgrade the wpeverest User Registration plugin to the latest version once a patch is released that addresses this vulnerability. 2. If an immediate patch is unavailable, implement input validation on the 'Display Name' field to restrict or sanitize input, removing or encoding potentially malicious characters such as script tags. 3. Apply output encoding/escaping on all user-supplied data before rendering it in web pages to prevent script execution. 4. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in the browser. 5. Educate users and administrators about social engineering risks and encourage vigilance against suspicious links or login requests. 6. Monitor web server and application logs for unusual input patterns or repeated attempts to inject scripts. 7. Consider using web application firewalls (WAFs) with rules to detect and block XSS payloads targeting this plugin. 8. Regularly audit and review installed plugins for known vulnerabilities and remove unused or unsupported plugins. These steps collectively reduce the risk of exploitation beyond generic advice by focusing on both technical controls and user awareness.