Lucene search

K
wpexploitMuhamad hidayatWPEX-ID:27AD58BA-B648-41D9-8074-16E4FEEAEE69
HistoryApr 11, 2022 - 12:00 a.m.

Adrotate < 5.8.23 - Admin+ XSS via Advert Name

2022-04-1100:00:00
muhamad hidayat
139

0.001 Low

EPSS

Percentile

24.8%

The plugin does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

Create/edit an Advert and put the following payload in the Name field: "><img src=x onerror=alert(/XSS/)>

The XSS will be triggered when accessing the Manage Adverts page

0.001 Low

EPSS

Percentile

24.8%

Related for WPEX-ID:27AD58BA-B648-41D9-8074-16E4FEEAEE69