WP Matterport Shortcode < 2.1.7 - Reflected XSS

2023-09-2500:00:00

Erwan LR (WPScan)

reflected xss

logged in admin

matterport shortcode

security exploit

EPSS

0.001

Percentile

21.8%

JSON

Description The plugin does not escape the PHP_SELF server variable when outputting it in attributes, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin

Make a logged in admin open

https://example.com/wp-admin/admin.php/"><img src onerror=alert(`XSS`)>/?page=wpms-options

EPSS

0.001

Percentile

21.8%

JSON

Related for WPEX-ID:5FAD5245-A089-4BA3-9958-1E2C3D066EEA