CVE-2024-4564 is a stored cross-site scripting vulnerability classified under CWE-79 found in the CoDesigner WooCommerce Builder plugin for WordPress, specifically in versions up to and including 4.4.1. The vulnerability arises from improper neutralization of user input during web page generation, particularly in the Shop Slider, Tabs Classic, and Image Comparison widgets. These widgets fail to adequately sanitize and escape user-supplied attributes, allowing authenticated users with contributor-level access or higher to inject arbitrary JavaScript code into pages. When other users visit these pages, the malicious scripts execute in their browsers, potentially leading to session hijacking, credential theft, or unauthorized actions performed with the victim's privileges. The attack vector is remote over the network, with low complexity since only contributor-level privileges are required, and no user interaction is necessary beyond viewing the infected page. The vulnerability affects the confidentiality and integrity of user data but does not impact availability. The scope is broad as all versions up to 4.4.1 are affected, and the plugin is widely used in WooCommerce-based WordPress e-commerce sites. Although no known exploits are currently reported in the wild, the vulnerability poses a significant risk if left unmitigated. The CVSS 3.1 score of 6.4 reflects these factors, indicating a medium severity threat. The vulnerability was publicly disclosed in June 2024, and no official patches have been linked yet, emphasizing the need for immediate mitigation steps by site administrators.

The primary impact of CVE-2024-4564 is the compromise of user confidentiality and integrity on affected WordPress e-commerce sites using the CoDesigner plugin. Successful exploitation allows attackers to execute arbitrary JavaScript in the context of the victim's browser, which can lead to theft of authentication cookies, personal data, or manipulation of site content and user actions. This can result in account takeover, fraudulent transactions, or defacement of the website. Since the vulnerability requires only contributor-level access, attackers can leverage compromised or malicious contributor accounts to escalate their impact. The lack of availability impact means the site remains operational, potentially allowing prolonged exploitation. For organizations, this can lead to reputational damage, loss of customer trust, regulatory penalties for data breaches, and financial losses due to fraud or remediation costs. The widespread use of WooCommerce and WordPress globally means many e-commerce businesses are at risk, especially those that allow contributor-level user roles without strict controls. The absence of known exploits in the wild currently reduces immediate risk but does not eliminate the threat, as exploit code could be developed rapidly given the public disclosure.

1. Immediately restrict contributor-level permissions to trusted users only and review existing contributor accounts for suspicious activity. 2. Apply strict input validation and output escaping on all user-supplied data within the affected widgets, either by updating to a patched version once available or by implementing custom code fixes. 3. Use Web Application Firewalls (WAFs) with rules designed to detect and block XSS payloads targeting the affected plugin components. 4. Monitor website logs and user activity for unusual behavior indicative of exploitation attempts, such as unexpected script injections or anomalous contributor actions. 5. Educate site administrators and contributors about the risks of XSS and safe content input practices. 6. Temporarily disable or remove the Shop Slider, Tabs Classic, and Image Comparison widgets if immediate patching is not possible. 7. Keep WordPress core, plugins, and themes updated regularly to minimize exposure to known vulnerabilities. 8. Implement Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts on the site. 9. Conduct regular security audits and penetration testing focusing on user input handling and privilege management. 10. Backup site data frequently to enable recovery in case of compromise.