Lucene search
Ameen AlkurdyWPEX-ID:A6331CA8-9603-4134-AF39-8E77AC9D511CHistoryApr 19, 2023 - 12:00 a.m.
Help Desk WP <= 1.2.0 - Editor+ Stored XSS
2023-04-1900:00:00
Ameen Alkurdy
73
help desk wp
editor role
stored xss
http proxy
http request
administrator user
wordpress dashboard
EPSS
0.001
Percentile
23.5%
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks.
1. Using a user with Editor Role privileges, go to the support page assigned for the Help Desk WP Plugin.
2. Click on "Add New Ticket", and fill the form with dummy data.
3. Intercept the request using an HTTP Proxy, such as BurpSuite.
4. Replace the "description" form data with the following XSS payload: <img src=q onerror=prompt('XSS')>
5. Send the request.
6. As an Administrator user, open up the ticket using the Help Desk WP Plugin through Wordpress Dashboard.
7. The XSS payload will get executed.Related
prion
prion
Cross site scripting
2023-05-15 13:15:00
cvelist
cvelist
CVE-2023-1019 Help Desk WP <= 1.2.0 - Editor+ Stored XSS
2023-05-15 12:15:43
nvd
nvd
CVE-2023-1019
2023-05-15 13:15:10
wpvulndb
wpvulndb
Help Desk WP <= 1.2.0 - Editor+ Stored XSS
2023-04-19 00:00:00
cve
cve
CVE-2023-1019
2023-05-15 13:15:10
wordfence
wordfence