Lucene search
Yassir Sbai FahimWPEX-ID:9AFEC4AA-1210-4C40-B566-64E37ACF2B64HistoryJun 19, 2023 - 12:00 a.m.
TinyMCE Custom Styles < 1.1.4 - Admin+ Stored Cross-Site Scripting
2023-06-1900:00:00
Yassir Sbai Fahim
56
tinymce
custom styles
admin
stored
cross-site scripting
settings
formats dropdown
payload
alert box
page load
0.001 Low
EPSS
Percentile
19.6%
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
1. Go to "Settings" ยป "TinyMCE Custom Styles" section.
2. In the "2. Manage your custom styles for TinyMCE's Formats dropdown" area under the "Title" and "Type Value" fields add payload: "><script>alert(1);</script>
3. Save all the settings. Load the page,and an alert box with the number "1" will pop up.Related
cve
cve
CVE-2023-2967
2023-07-10 16:15:51
nvd
nvd
CVE-2023-2967
2023-07-10 16:15:51
wpvulndb
wpvulndb
TinyMCE Custom Styles < 1.1.4 - Admin+ Stored Cross-Site Scripting
2023-06-19 00:00:00
cvelist
cvelist
prion
prion
Cross site scripting
2023-07-10 16:15:00