Lucene search

K
htbridgeHigh-Tech BridgeHTB23235
HistorySep 17, 2014 - 12:00 a.m.

Reflected Cross-Site Scripting (XSS) in Google Calendar Events WordPress Plugin

2014-09-1700:00:00
High-Tech Bridge
www.htbridge.com
29

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

73.3%

High-Tech Bridge Security Research Lab discovered vulnerability in Google Calendar Events WordPress plugin, which can be exploited to perform Cross-Site Scripting (XSS) attacks against administrator of a WordPress website with vulnerable plugin.

  1. Reflected Cross-Site Scripting (XSS) in Google Calendar Events WordPress Plugin: CVE-2014-7138

Input passed via the “gce_feed_ids” HTTP GET parameter to “/wp-admin/admin-ajax.php” script is not properly sanitised before being returned to the user. A remote attacker can trick a logged-in administrator to open a specially crafted link and execute arbitrary HTML and script code in browser in context of the vulnerable website.

The exploitation example below uses the “alert()” JavaScript function to display “immuniweb” word:

http://wordpress/wp-admin/admin-ajax.php?action=gce_ajax&gce_type=page&gce_f eed_ids=%27%22%3E%3Cscript%3Ealert%28/immuniweb/%29;%3C/script%3E

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

73.3%

Related for HTB23235