Lucene search
Eunho KimWPEX-ID:A6C2DA28-DC03-4BCC-A6C3-EE55A73861DBHistoryMay 27, 2024 - 12:00 a.m.
Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS
2024-05-2700:00:00
Eunho Kim
45
easy notify
stored xss
poc
update
june 10 2024
AI Score
5.8
Confidence
High
Description The plugin does not sanitise and escape some of its Notification fields, which could allow users such as contributor and above to perform Stored Cross-Site Scripting attacks.
- Create/edit a Notification (https://example.com/wp-admin/post-new.php?post_type=easynotify)
- Put the following payload in the "Text Header", "Main Text" or any of the "Bullet List" fields: "><img src onerror=alert(/XSS/)>
- The XSS will be triggered when saving/submitting for review, when another user will edit the notification as well as when previewing it (via the Preview feature offered by the plugin, not the usual post preview)
Note: version 1.1.31 patch did not fully fix the issue as a payload like text" onmouseover="alert(/XSS/); would work in some of the affected fieldsRelated
vulnrichment
vulnrichment
CVE-2024-3236 Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS
2024-06-17 06:00:01
cve
cve
CVE-2024-3236
2024-06-17 06:15:08
nvd
nvd
CVE-2024-3236
2024-06-17 06:15:08
cvelist
cvelist
CVE-2024-3236 Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS
2024-06-17 06:00:01
wpvulndb
wpvulndb
Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS
2024-05-27 00:00:00
wordfence
wordfence