Lucene search
Mohamed AzarudheenWPEX-ID:50AE7008-46F0-4F89-AE98-65DCABE4EF09HistoryOct 16, 2023 - 12:00 a.m.
User Registration < 3.0.4.2 - Admin+ Stored XSS
2023-10-1600:00:00
Mohamed Azarudheen
46
wordpress
user registration
xss
vulnerability
version 3.0.4.2
plugin
stored
admin
security
Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
1. Install and activate this plugin - https://wordpress.org/plugins/user-registration/.
2. Click "Add Form" under the plugin options.
3. Once the form is created, navigate to the form settings, and in the "Redirect URL" field, inject the following payload: javascript:alert(document.domain) and then click "Update Form."
4. Copy the shortcode generated for the form, go to the "Page" tab, create a new page, paste the shortcode, publish the page, and visit it.
5. Now, fill out the form with any dummy data and click "Submit."
6. This will create a new user and trigger the XSS vulnerability.Related
prion
prion
Cross site scripting
2023-11-06 21:15:00
wpvulndb
wpvulndb
User Registration < 3.0.4.2 - Admin+ Stored XSS
2023-10-16 00:00:00
nvd
nvd
CVE-2023-5228
2023-11-06 21:15:09
cve
cve
CVE-2023-5228
2023-11-06 21:15:09
cvelist
cvelist
CVE-2023-5228 User Registration < 3.0.4.2 - Admin+ Stored XSS
2023-11-06 20:40:45
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.2%
Related for WPEX-ID:50AE7008-46F0-4F89-AE98-65DCABE4EF09