Lucene search

K
packetstorm0xB9PACKETSTORM:165814
HistoryFeb 02, 2022 - 12:00 a.m.

WordPress Contact Form Check Tester 1.0.2 XSS / Access Control

2022-02-0200:00:00
0xB9
packetstormsecurity.com
153

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

`# Exploit Title: WordPress Plugin Contact Form Check Tester 1.0.2 - Broken Access Control  
# Date: 2/28/2021  
# Author: 0xB9  
# Software Link: https://wordpress.org/plugins/contact-fo...ck-tester/  
# Version: 1.0.2  
# Tested on: Windows 10  
# CVE: CVE-2021-24247  
  
1. Description:  
The plugin settings are visible to all registered users in the dashboard.  
A registered user can leave a payload in the plugin settings.  
  
2. Proof of Concept:  
- Register an account  
- Navigate to the dashboard  
- Go to CF7 Check Tester -> Settings  
- Add a form  
- Add a field to the form  
- Put in a payload in either Field selector or Field value "><script>alert(1)</script>  
- Save  
Anyone who visits the settings page will execute the payload.  
  
`

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

Related for PACKETSTORM:165814