Lucene search
Mohamed AzarudheenWPEX-ID:33F6FEA6-C784-40AE-A548-55D41618752DHistoryApr 12, 2024 - 12:00 a.m.
Responsive Contact Form Builder & Lead Generation Plugin <= 1.8.9 - Admin+ Stored XSS
2024-04-1200:00:00
Mohamed Azarudheen
26
contact form builder
lead generation plugin
admin+
stored xss
april 26 2024
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
To replicate this vulnerability, follow these steps:
1. Go to the plugin dashboard, click "Add New" form.
2. Under "Field Name", enter "Name" and under "Field Type", select "Name", then click "Save Form".
3. Navigate to the form list, click "Edit" under the form you created.
4. In the "Field Name" section, change "Name" to the following payload: `<script>alert(document.domain)</script>` and click "Update Form".
5. Navigate back to the form list, copy the shortcode, publish it on a new page, and visit the page. This will trigger the XSS payload.Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-3637
2024-05-03 06:15:14
wpvulndb
wpvulndb
cve
cve
CVE-2024-3637
2024-05-03 06:15:14
cvelist
cvelist
wordfence
wordfence
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Related for WPEX-ID:33F6FEA6-C784-40AE-A548-55D41618752D