Lucene search
Ilyase DehyWPEX-ID:7DE4C313-359E-4450-85F5-D29F3C2F046AHistoryMay 23, 2023 - 12:00 a.m.
Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS
2023-05-2300:00:00
Ilyase Dehy
50
ultimate dashboard
stored xss
settings
general
custom howdy text
xss payload
save settings
browser execution
exploit
0.001 Low
EPSS
Percentile
19.6%
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
1. Go to "Ultimate Dashboard -> Settings -> General".
2. In the "Custom Howdy Text" field, input the XSS payload: `"><script>alert(1)</script>`
3. Save the settings.
4. Observe the XSS payload being executed in the browser when the page is loaded.Related
cve
cve
CVE-2023-2812
2023-06-19 11:15:10
prion
prion
Cross site scripting
2023-06-19 11:15:00
cvelist
cvelist
CVE-2023-2812 Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS
2023-06-19 10:52:55
wpvulndb
wpvulndb
Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS
2023-05-23 00:00:00
nvd
nvd
CVE-2023-2812
2023-06-19 11:15:10