VULNRICHMENT:CVE-2024-5033 (vulnrichment / WPScan)
History: Jul 13, 2024 - 6:00 a.m.

CVE-2024-5033 SULly < 4.3.1 - Admin+ Stored XSS via CSRF

2024-07-13 06:00:08
WPScan
github.com
sully wordpress plugin
4.3.1
csrf vulnerability
stored xss
csrf attack
admin+

AI Score

5.9

Confidence

High

SSVC

Exploitation

poc

Automatable

no

Technical Impact

partial

The SULly WordPress plugin before 4.3.1 does not have a CSRF check in some places and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack.
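
To illustrate the defect class the description names (a settings handler with no nonce check, no input sanitisation and no output escaping) next to its hardened form, here is an added PHP example; it is not SULly's code, and the option, field and function names are hypothetical.

```php
<?php
// Added illustration, not SULly's code: a minimal WordPress settings handler
// showing the defect class in CVE-2024-5033 (no CSRF check, no sanitisation,
// no escaping) next to the hardened form. Option/field names are hypothetical.

// --- Weak handler: any POST reaching this code is trusted as the admin's intent.
function sully_example_save_weak() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    // No nonce check: a forged cross-site form submitted by a logged-in admin
    // is indistinguishable from a genuine one (CSRF).
    // No sanitisation: the raw value is stored as-is, so markup persists.
    update_option( 'sully_example_label', $_POST['sully_example_label'] );
}
function sully_example_render_weak() {
    // No escaping: stored markup is emitted into the admin page unchanged.
    echo '<span>' . get_option( 'sully_example_label' ) . '</span>';
}

// --- Hardened form: nonce + capability + sanitisation on input, escaping on output.
function sully_example_form() {
    echo '<form method="post">';
    // Emits a hidden nonce field bound to the 'sully_example_save' action.
    wp_nonce_field( 'sully_example_save', 'sully_example_nonce' );
    echo '<input name="sully_example_label" value="'
        . esc_attr( get_option( 'sully_example_label', '' ) ) . '">';
    echo '<button>Save</button></form>';
}
function sully_example_save_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    // Verifies the nonce and dies (HTTP 403) if it is missing or invalid,
    // so a request forged from another site is rejected before any write.
    check_admin_referer( 'sully_example_save', 'sully_example_nonce' );
    $label = isset( $_POST['sully_example_label'] )
        ? wp_unslash( $_POST['sully_example_label'] ) : '';
    // Strips tags and control characters before the value is stored.
    update_option( 'sully_example_label', sanitize_text_field( $label ) );
}
function sully_example_render_hardened() {
    // Context-aware escaping at output, even though input was already sanitised.
    echo '<span>' . esc_html( get_option( 'sully_example_label', '' ) ) . '</span>';
}
```

The two save handlers would be wired to the plugin's admin action the same way; only the nonce check, the sanitiser and the output escaping differ.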

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:toolstack:sully:*:*:*:*:*:*:*:*"
    ],
    "vendor": "toolstack",
    "product": "sully",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.3.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unknown"
  }
]
