Lucene search

K
wpexploitWpvulndbWPEX-ID:006B37C9-641C-4676-A315-9B6053E001D2
HistoryApr 30, 2021 - 12:00 a.m.

Give WP < 2.10.4 - Authenticated Stored Cross-Site Scripting (XSS)

2021-04-3000:00:00
wpvulndb
57
cross-site scripting
authenticated
stripe checkout
email settings
wordpress

EPSS

0.001

Percentile

21.8%

The plugin did not sanitise or escape the Background Image field of its Stripe Checkout Setting and Logo field in its Email settings, leading to authenticated (admin+) Stored XSS issues. Notes (WPScanTeam) - The original reporter mentioned the issue being fixed in 2.10.2, but we could still trigger it with the same payload in this version, as well as the latest 2.10.3. Vendor was notified about it - April 29th, 2021 - v2.10.4 released, fixing the issue

As admin, put the payload below in the Background Image field of the Stripe Checkout settings (/wp-admin/edit.php?post_type=give_forms&page=give-settings&tab=gateways&section=stripe-settings&group=checkout) or Logo field in the Email Settings (/wp-admin/edit.php?post_type=give_forms&page=give-settings&tab=emails&section=email-settings)

" autofocus onfocus=alert(/XSS/)//

EPSS

0.001

Percentile

21.8%

Related for WPEX-ID:006B37C9-641C-4676-A315-9B6053E001D2