wpexploit | Huy Nguyen | WPEX-ID: A1FE0783-7A88-4D75-967F-CEF970B73752
History: Oct 04, 2021 - 12:00 a.m.

Events Made Easy < 2.2.24 - Admin+ Stored Cross-Site Scripting

2021-10-04 00:00:00
Huy Nguyen

EPSS: 0.001 (Low), Percentile: 21.4%

The plugin does not sanitise and escape Custom Field Names, allowing high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Add or edit a Custom Field (/wp-admin/admin.php?page=eme-formfields) and put the following payload in the Field Name: a<script>alert(/XSS/)</script>

The XSS is triggered when accessing pages that list the field, such as Custom Field, Pending Bookings and Approved Bookings.
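The class of fix the advisory implies, as an added illustration that is not the plugin's own code: a hypothetical save/render pair for custom field names, first the unescaped version that stores and prints the value verbatim, then the hardened version that sanitises on input and escapes on output. It assumes WordPress's sanitize_text_field() and esc_html(); minimal stand-ins are defined so the script also runs under plain PHP CLI.

```php
<?php
// Added illustration, not code from Events Made Easy. The stand-ins below let
// this run under plain `php`; inside WordPress the real functions are used.
if (!function_exists('sanitize_text_field')) {
    function sanitize_text_field($s) { return trim(strip_tags((string) $s)); }
}
if (!function_exists('esc_html')) {
    function esc_html($s) {
        return htmlspecialchars((string) $s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    }
}

// VULNERABLE pattern (hypothetical): the name is stored and printed untouched,
// so an admin-supplied "a<script>alert(/XSS/)</script>" becomes live markup on
// every page that lists the field, regardless of the unfiltered_html capability.
function vulnerable_save_field(array &$fields, string $name): void {
    $fields[] = ['field_name' => $name];
}
function vulnerable_render_fields(array $fields): string {
    $out = '';
    foreach ($fields as $f) {
        $out .= '<td>' . $f['field_name'] . '</td>';
    }
    return $out;
}

// HARDENED pattern: sanitise on the way in, escape on the way out. Both are
// needed: escaping alone protects only this view, while sanitising alone does
// not protect other consumers of the stored value (exports, e-mails, other pages).
function safe_save_field(array &$fields, string $name): void {
    $fields[] = ['field_name' => sanitize_text_field($name)];
}
function safe_render_fields(array $fields): string {
    $out = '';
    foreach ($fields as $f) {
        $out .= '<td>' . esc_html($f['field_name']) . '</td>';
    }
    return $out;
}

// Constructed input: the advisory's PoC value, stored in an in-memory stand-in
// for the plugin's custom-field table.
$payload = 'a<script>alert(/XSS/)</script>';

$vulnerable = [];
vulnerable_save_field($vulnerable, $payload);
echo 'vulnerable: ' . vulnerable_render_fields($vulnerable) . PHP_EOL;

$hardened = [];
safe_save_field($hardened, $payload);
echo 'hardened:   ' . safe_render_fields($hardened) . PHP_EOL;
```

Only the hardened output is safe to place inside a table cell; a reviewer checking the plugin's admin templates would look for the first pattern anywhere the stored field name is echoed.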
