Lucene search
+L

WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated)

🗓️ 28 Sep 2021 00:00:00Reported by Nosa ShandyType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 208 Views

WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated) vulnerability allows execution of javascript cod

Related
Code
ReporterTitlePublishedViews
Family
0day.today
WordPress TranslatePress 2.0.8 Plugin - Stored Cross-Site Scripting Vulnerability
28 Sep 202100:00
zdt
Circl
CVE-2021-24610
27 Sep 202120:34
circl
CNNVD
WordPress 插件 跨站脚本漏洞
27 Sep 202100:00
cnnvd
CNVD
WordPress plugin cross-site scripting vulnerability
29 Sep 202100:00
cnvd
CVE
CVE-2021-24610
27 Sep 202115:25
cve
Cvelist
CVE-2021-24610 TranslatePress < 2.0.9 - Authenticated Stored Cross-Site Scripting
27 Sep 202115:25
cvelist
EUVD
EUVD-2021-11522
7 Oct 202500:30
euvd
NVD
CVE-2021-24610
27 Sep 202116:15
nvd
OpenVAS
WordPress TranslatePress Plugin < 2.0.9 XSS Vulnerability
29 Oct 202100:00
openvas
OSV
CVE-2021-24610
27 Sep 202116:15
osv
Rows per page
# Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated)
# Date: 06-08-2021
# Exploit Author: Nosa Shandy (Apapedulimu)
# Vendor Homepage: https://translatepress.com/
# Software Link: https://wordpress.org/plugins/translatepress-multilingual/ 
# Reference: https://wpscan.com/vulnerability/b87fcc2f-c2eb-4e23-9757-d1c590f26d3f
# Version: 2.0.6 
# Tested on: macOS 11.4
# CVE : CVE-2021-24610

Description:
The plugin does not implement a proper filter on the 'translated' parameter when input to the database. The 'trp_sanitize_string' function only check the "<script></script>" with the preg_replace, the attacker can use the HTML Tag to execute javascript.

Step To Reproduce:
1. Go to http://localhost:8888/wordpress/?trp-edit-translation=true
2. Input Gettext String
3. Input the payload such as <img src=x onerror=alert(4)>
4. Save, The payload will be executed.
5. Look on the homepage will be affected.

Video : https://drive.google.com/file/d/1PnvjHuKCvjmom6xz_sxNLBu3jixCiHy_/view?usp=sharing

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

28 Sep 2021 00:00Current
5.1Medium risk
Vulners AI Score5.1
CVSS 23.5
CVSS 3.14.8
EPSS0.05432
208