wpexploit · Bob Matyas · WPEX-ID:327AE124-79EB-4E07-B029-E4F543CBD356
History: Dec 28, 2023 - 12:00 a.m.

Product Enquiry for WooCommerce < 3.1 - Admin+ Stored XSS

2023-12-28 00:00:00
Bob Matyas
Tags: xss, woocommerce, form customizer, translate, stored, admin+

AI Score: 5.7
Confidence: High
EPSS: 0
Percentile: 14.0%

Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).

Form Customizer:

1. Navigate to https://example.com/wp-admin/admin.php?page=GMWQP&view=form_customizer
2. Add the payload `"><script>alert(1)</script>` to any of the form fields (ex: "email")
3. Save the changes and reload to see the XSS

Translate:

1. Navigate to https://example.com/wp-admin/admin.php?page=GMWQP&view=translate
2. Remove the `disabled` attribute from any of the Pro features
3. Add the PoC: `" style=animation-name:rotation onanimationstart=alert(/XSS/)//` to the field.
4. Save the changes and reload to see the XSS
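As an added defender's illustration (not code from the plugin or from the advisory author), the PHP below contrasts the unsafe save-and-render pattern the description refers to with a hardened version that sanitises on input and escapes for the output context, so the stored value cannot break out of the attribute regardless of the user's unfiltered_html capability. The option name, field name, nonce action and function names are hypothetical placeholders, not the plugin's real identifiers.

```php
<?php
// Added illustration, not the plugin's code. Option/field/nonce names are
// hypothetical placeholders chosen for this example.

// --- Vulnerable pattern: raw request value stored, raw value echoed -------
function vuln_save_form_label() {
    // The defect here is the missing sanitising, not the capability check.
    update_option( 'example_form_email_label', $_POST['email_label'] );
}

function vuln_render_form_label() {
    $label = get_option( 'example_form_email_label', 'Email' );
    // Unescaped inside an attribute: a stored value containing a quote
    // followed by markup or an event handler breaks out of the attribute
    // and executes for anyone who views the page.
    echo '<input type="text" name="email" placeholder="' . $label . '">';
}

// --- Hardened pattern ------------------------------------------------------
function safe_save_form_label() {
    // Authorisation and CSRF protection for the settings save.
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    check_admin_referer( 'example_form_settings' );

    // sanitize_text_field() strips tags and control characters on input.
    // This does not depend on unfiltered_html, which matters in multisite
    // where even site admins do not hold that capability.
    $label = sanitize_text_field( wp_unslash( $_POST['email_label'] ?? '' ) );
    update_option( 'example_form_email_label', $label );
}

function safe_render_form_label() {
    $label = get_option( 'example_form_email_label', 'Email' );
    // Escape for the exact output context: esc_attr() inside an attribute
    // value, esc_html() in a text node. Escaping on output also covers values
    // that reached the database by another path (import, older version).
    printf(
        '<input type="text" name="email" placeholder="%s">',
        esc_attr( $label )
    );
    printf( '<label for="email">%s</label>', esc_html( $label ) );
}
```

With the hardened save, the payloads from the steps above are stored as plain text with their angle brackets and quotes neutralised, and esc_attr() ensures a quote cannot terminate the placeholder attribute even if an unsanitised value is already present.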

