Neontext Wordpress Plugin - Stored XSS

🗓️ 05 Mar 2024 00:00:00Reported by Eren CarType

exploitdb🔗 www.exploit-db.com👁 280 Views

Neontext plugin Stored XSS vulnerability in Wordpres

Reporter	Title	Published	Views	Family All 15
0day.today	Wordpress Neontext Plugin - Stored XSS Vulnerability	5 Mar 202400:00	–	zdt
Circl	CVE-2023-5817	27 Oct 202314:17	–	circl
CNNVD	WordPress plugin Neon text cross-site scripting vulnerability	27 Oct 202300:00	–	cnnvd
CVE	CVE-2023-5817	27 Oct 202310:59	–	cve
Cvelist	CVE-2023-5817 Neon text <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting	27 Oct 202310:59	–	cvelist
EUVD	EUVD-2023-58100	3 Oct 202520:07	–	euvd
NVD	CVE-2023-5817	27 Oct 202311:15	–	nvd
Packet Storm	WordPress Neon Text 1.1 Cross Site Scripting	5 Mar 202400:00	–	packetstorm
Patchstack	WordPress Neon text Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)	26 Oct 202300:00	–	patchstack
Prion	Cross site scripting	27 Oct 202311:15	–	prion

# Exploit Title: Wordpress Plugin Neon Text <= 1.1 - Stored Cross Site Scripting (XSS)
# Date: 2023-11-15
# Exploit Author: Eren Car
# Vendor Homepage: https://www.eralion.com/
# Software Link: https://downloads.wordpress.org/plugin/neon-text.zip
# Category: Web Application
# Version: 1.0
# Tested on: Debian / WordPress 6.4.1
# CVE : CVE-2023-5817

# 1. Description:
The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontext_box shortcode in 1.1 and above versions. 
  
# 2. Proof of Concept (PoC):
  a. Install and activate version 1.0 of the plugin.
  b. Go to the posts page and create new post.
  c. Add shorcode block and insert the following payload:
  
		[neontext_box][neontext color='"onmouseover="alert(document.domain)"']TEST[/neontext][/neontext_box]
		
		
  d. Save the changes and preview the page. Popup window demonstrating the vulnerability will be executed.

05 Mar 2024 00:00Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.4 - 6.4

EPSS0.00082

SSVC