wpexploit | Prasad Borvankar | WPEX-ID:9FD2EB81-185D-4D42-8ACF-925664B7CB2F
History: Oct 09, 2023 - 12:00 a.m.

Popup box < 3.7.2 - Admin+ Stored Cross-Site Scripting

Tags: popup box, admin, stored, cross-site scripting, custom content, payload, text mode, xss, editing, frontend, exploit

AI Score: 5.1 Medium (Confidence: High)
EPSS: 0.0004 Low (Percentile: 14.0%)

Description

The plugin does not sanitize and escape some Popup fields, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfiltered_html capability is disallowed (for example in a multisite setup).

1. Create a new PopUp Box within the plugin.
2. In the "Custom Content" and Popup Description fields, enter the following payload when in text mode: <img src onerror=alert(/XSS/)>
3. The XSS will be triggered when editing the Popup again, or when accessing the frontend (such as the homepage).
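
The fix pattern for this class of bug, as an added example that is not the Popup box plugin's own code: filter the rich-text fields through KSES on save unless the user holds unfiltered_html, and escape again at the two places the steps above name as triggers (the edit screen and the frontend). All `pbx_*` function names, form field names and meta keys are hypothetical.

```php
<?php
// Added example with hypothetical names (pbx_*); runs inside WordPress.

// Filter a rich-text popup field before storage. Users without
// unfiltered_html (e.g. site admins on multisite) get the same KSES
// allow-list as post content, which removes event-handler attributes
// such as onerror.
function pbx_sanitize_popup_html( $raw ) {
    $raw = wp_unslash( $raw );
    if ( current_user_can( 'unfiltered_html' ) ) {
        return $raw;
    }
    return wp_kses_post( $raw );
}

// Save handler: nonce check, capability check, then sanitize each field.
function pbx_save_popup( $popup_id ) {
    check_admin_referer( 'pbx_save_popup' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'You are not allowed to edit popups.', 'pbx' ) );
    }
    $fields = array(
        'pbx_custom_content' => '_pbx_custom_content', // "Custom Content"
        'pbx_description'    => '_pbx_description',    // "Popup Description"
    );
    foreach ( $fields as $post_key => $meta_key ) {
        $value = isset( $_POST[ $post_key ] )
            ? pbx_sanitize_popup_html( $_POST[ $post_key ] )
            : '';
        // update_post_meta() unslashes its input, so re-slash first.
        update_post_meta( $popup_id, $meta_key, wp_slash( $value ) );
    }
}

// Edit screen: the stored value is shown as text inside a textarea,
// so markup in it is never parsed by the browser.
function pbx_render_edit_field( $popup_id ) {
    $content = (string) get_post_meta( $popup_id, '_pbx_custom_content', true );
    printf(
        '<textarea name="pbx_custom_content" rows="8">%s</textarea>',
        esc_textarea( $content )
    );
}

// Frontend: filter again on output so values stored before the fix
// (or written by another code path) are also neutralized.
function pbx_render_frontend( $popup_id ) {
    $content = (string) get_post_meta( $popup_id, '_pbx_custom_content', true );
    echo '<div class="pbx-popup">' . wp_kses_post( $content ) . '</div>';
}
```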
