CVE-2024-5026 is a medium-severity vulnerability classified as CWE-79 (Cross-Site Scripting, XSS) affecting the CM Tooltip Glossary WordPress plugin versions prior to 4.3.4. The vulnerability arises because the plugin fails to properly sanitize and escape certain settings. This flaw allows users with high privileges, such as administrators, to inject and store malicious scripts (Stored XSS) within the plugin's settings. Notably, this vulnerability can be exploited even when the WordPress capability 'unfiltered_html' is disabled, which is a common restriction in multisite WordPress environments to prevent HTML injection. The attack requires the attacker to have high privileges and some user interaction (e.g., an admin viewing a page where the malicious script is rendered). The vulnerability impacts confidentiality and integrity by enabling script execution in the context of the victim administrator's browser, potentially leading to session hijacking, privilege escalation, or unauthorized actions within the WordPress admin interface. The CVSS 3.1 base score is 4.8 (medium), reflecting the network attack vector, low attack complexity, high privileges required, and user interaction needed. There are no known exploits in the wild at the time of publication, and no official patches have been linked yet. The vulnerability affects all versions of the CM Tooltip Glossary plugin before 4.3.4, which is a popular WordPress plugin used to create glossaries and tooltips on websites.

For European organizations using WordPress websites with the CM Tooltip Glossary plugin, this vulnerability poses a risk primarily to site administrators and the integrity of the website content. Exploitation could allow an attacker with admin access to inject malicious scripts that execute in the context of other administrators or privileged users, potentially leading to session hijacking, unauthorized content modification, or further compromise of the WordPress environment. This could result in defacement, data leakage, or pivoting to other internal systems. Given the widespread use of WordPress in Europe across sectors such as government, education, and commerce, the vulnerability could impact organizations that rely on this plugin for content management. Multisite WordPress setups, common in larger organizations and agencies, are particularly at risk because the vulnerability bypasses the usual 'unfiltered_html' restriction. The impact on availability is minimal, but the confidentiality and integrity risks are significant enough to warrant attention. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially if attackers develop proof-of-concept exploits.

1. Immediate upgrade: Organizations should upgrade the CM Tooltip Glossary plugin to version 4.3.4 or later as soon as it becomes available to ensure the vulnerability is patched. 2. Privilege review: Restrict administrative privileges strictly to trusted users to reduce the risk of exploitation by malicious insiders or compromised accounts. 3. Input validation: Implement additional server-side input validation and sanitization for plugin settings if custom modifications are possible. 4. Monitoring and logging: Enable detailed logging of administrative actions and monitor for unusual activity that could indicate exploitation attempts. 5. Content Security Policy (CSP): Deploy a strict CSP to limit the execution of unauthorized scripts in the WordPress admin interface. 6. Web Application Firewall (WAF): Use a WAF with rules to detect and block XSS payloads targeting WordPress admin pages. 7. Multisite caution: For multisite WordPress installations, apply extra scrutiny and consider temporarily disabling the plugin until patched, as the vulnerability bypasses typical multisite restrictions. 8. User training: Educate administrators about the risks of stored XSS and encourage cautious behavior when managing plugin settings.