Lucene search

K
wpexploitFayçal CHENAWPEX-ID:2CE2A387-ACC8-482A-9452-A4D9ACB187FD
HistoryJul 11, 2022 - 12:00 a.m.

Event Timeline <= 1.1.6 - Admin+ Stored Cross-Site Scripting

2022-07-1100:00:00
Fayçal CHENA
130

0.001 Low

EPSS

Percentile

24.8%

The plugin does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Create/edit a Timeline, put the following payload in the "Text" field at the bottom: <script>alert(/XSS/)</script>

Click save (below the Text field, not the button on top of the page), then click Update

The XSS will be triggered in post/page where the Timeline is embed

0.001 Low

EPSS

Percentile

24.8%

Related for WPEX-ID:2CE2A387-ACC8-482A-9452-A4D9ACB187FD