Lucene search

K
wpexploitGenubhau WayalWPEX-ID:12F1ED97-D392-449D-B25C-42D241693888
HistorySep 20, 2021 - 12:00 a.m.

Sociable <= 4.3.4.1 - Admin+ Stored Cross-Site Scripting

2021-09-2000:00:00
Genubhau Wayal
265

0.001 Low

EPSS

Percentile

24.8%

The plugin does not sanitise or escape some of its settings before outputting them in the admins dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed

Put the following payload in the "Background Color" or "Labels Color" Skyscraper settings of the plugin in the (/wp-admin/options-general.php?page=skyscraper_options): "><script>alert(/XSS/)</script>

Other settings might be affected as well

0.001 Low

EPSS

Percentile

24.8%

Related for WPEX-ID:12F1ED97-D392-449D-B25C-42D241693888