CVE-2024-7317 is a stored Cross-Site Scripting (XSS) vulnerability classified under CWE-79, found in the WordPress plugin 'Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager' developed by galdub. This plugin is designed to help organize media libraries, pages, posts, and files within WordPress installations. The vulnerability affects all versions up to and including 3.0.3. It stems from inadequate sanitization and escaping of SVG file uploads, which are vector image files that can contain embedded scripts. Authenticated users with Contributor-level permissions or higher can upload malicious SVG files containing arbitrary JavaScript code. When any user views or accesses these SVG files, the embedded scripts execute in their browser context, potentially leading to session hijacking, privilege escalation, or other malicious actions. The vulnerability requires authentication but no user interaction beyond accessing the SVG file, and it affects the confidentiality and integrity of user data without impacting availability. The CVSS v3.1 base score is 6.4, reflecting a medium severity with network attack vector, low attack complexity, and privileges required. No public exploits have been reported yet, but the vulnerability poses a significant risk to WordPress sites using this plugin, especially those with multiple users and contributors. Mitigation requires patching the plugin once updates are available or implementing strict file upload restrictions and content sanitization.

The primary impact of CVE-2024-7317 is the compromise of user confidentiality and integrity on affected WordPress sites. Attackers with Contributor-level access can inject persistent malicious scripts via SVG uploads, which execute in the browsers of any users accessing the infected files. This can lead to session hijacking, theft of authentication tokens, unauthorized actions performed on behalf of users, and potential lateral movement within the site. Since the vulnerability does not affect availability, denial of service is unlikely. However, the breach of trust and potential data leakage can severely damage organizational reputation and user trust. For organizations relying on WordPress for content management, especially those with multiple contributors or editors, this vulnerability can facilitate insider threats or external attackers who have compromised contributor accounts. The medium CVSS score indicates a moderate risk, but the ease of exploitation by authenticated users and the persistent nature of stored XSS make it a significant concern. The lack of known exploits in the wild currently reduces immediate risk but does not eliminate the threat, as attackers may develop exploits rapidly once the vulnerability is public.

1. Immediately restrict SVG file uploads to trusted users only or disable SVG uploads entirely until a patch is available. 2. Monitor and audit all uploaded SVG files for suspicious content or embedded scripts. 3. Apply strict input validation and output escaping on all file upload and rendering processes within the plugin, if custom fixes are possible before official patches. 4. Upgrade the plugin to a patched version as soon as it is released by the vendor. 5. Implement Content Security Policy (CSP) headers to limit the execution of inline scripts and reduce the impact of XSS attacks. 6. Enforce the principle of least privilege by limiting Contributor-level access to only trusted users. 7. Educate users and administrators about the risks of uploading untrusted SVG files and the importance of verifying file contents. 8. Use security plugins or Web Application Firewalls (WAFs) that can detect and block XSS payloads in uploads or requests. 9. Regularly review user roles and permissions to minimize the number of users who can upload files. 10. Conduct periodic security assessments and penetration tests focusing on file upload functionalities.