wpexploit | Bob Matyas | WPEX-ID:30F31412-8F94-4D5E-A080-3F6F669703CD
History: Dec 26, 2023 - 12:00 a.m.

WP Review Slider < 13.0 - Admin+ Stored XSS

Published: 2023-12-26 00:00:00
Author: Bob Matyas
Tags: wordpress, review, slider, stored xss, admin, twitter, api keys, exploit

AI Score: 5.7
Confidence: High
EPSS: 0
Percentile: 14.0%

Description: WP Review Slider before 13.0 does not sanitise and escape some of its settings, which allows high-privilege users such as admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup). Because the values are stored as plugin options and written into HTML attributes without escaping, the injected script runs every time the affected page is rendered, not only for the user who saved it.

Proof of concept:

1. Enter the payload `" style=animation-name:rotation onanimationstart=alert(/XSS/)//` into any of the WP Review > Twitter > API Keys or Twitter Source fields.

2. Save the settings and load the page: the alert fires.

How the payload works: the leading double quote closes the `value="..."` attribute the setting is printed into, `style=animation-name:rotation` is parsed as a new attribute that starts a CSS animation of that name (it must exist on the page for the event to fire), and `onanimationstart=alert(/XSS/)//` is the handler that runs when it does. The trailing `//` comments out the original closing quote in the handler's JavaScript.
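To show the vulnerable pattern beside its fix, here is an added example written for this page; it is not WP Review Slider's own code. The option name, option group and function names are hypothetical, while register_setting(), sanitize_text_field(), esc_attr() and get_option() are the real WordPress APIs and the file is assumed to run inside a WordPress plugin.

```php
<?php
/**
 * Added example (not the plugin's own code): how a settings value such as the
 * Twitter API key ends up inside an HTML attribute, and how to make it safe.
 * Option name, group and function names are hypothetical.
 */

// Hypothetical option that stores the Twitter API key from the settings page.
const WPRS_EXAMPLE_OPTION = 'wprs_example_twitter_api_key';

// Vulnerable pattern: the stored value is concatenated straight into an attribute.
// With the payload  " style=animation-name:rotation onanimationstart=alert(/XSS/)//
// the first quote closes value="...", and the rest becomes extra attributes on <input>.
function wprs_example_render_field_unsafe() {
    $value = get_option( WPRS_EXAMPLE_OPTION, '' );
    return '<input type="text" name="' . WPRS_EXAMPLE_OPTION . '" value="' . $value . '">';
}

// Hardened pattern: escape for the attribute context at output time.
// esc_attr() encodes " as &quot; (and also <, >, & and '), so whatever was
// stored can no longer terminate value="..." and add attributes of its own.
function wprs_example_render_field_safe() {
    $value = get_option( WPRS_EXAMPLE_OPTION, '' );
    return '<input type="text" name="' . esc_attr( WPRS_EXAMPLE_OPTION ) . '"'
         . ' value="' . esc_attr( $value ) . '">';
}

// Sanitise on input as well: registering the option with a sanitize_callback makes
// the Settings API run it before the value is written to the database.
// Caveat: sanitize_text_field() alone does not stop this payload. It strips tags,
// encodes a lone '<' and trims whitespace, but it leaves double quotes untouched,
// so the attribute breakout survives storage. Output escaping (esc_attr above) is
// what actually neutralises it; the two layers together are the fix.
function wprs_example_register_setting() {
    register_setting(
        'wprs_example_group',
        WPRS_EXAMPLE_OPTION,
        array(
            'type'              => 'string',
            'sanitize_callback' => 'sanitize_text_field',
            'default'           => '',
        )
    );
}
add_action( 'admin_init', 'wprs_example_register_setting' );
```

Note that the unfiltered_html check is irrelevant here: WordPress only applies kses filtering to post content, not to arbitrary plugin options, so a plugin that stores and echoes its own settings has to do both the sanitising and the escaping itself.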
