Lucene search
Huy NguyenWPEX-ID:A8D314B9-26AC-4B56-A85C-A2528E55E73AHistoryNov 02, 2021 - 12:00 a.m.
WP All Import < 3.6.3 - Admin+ Stored Cross-Site Scripting
2021-11-0200:00:00
Huy Nguyen
277
wordpress
all import
cross-site scripting
EPSS
0.001
Percentile
24.8%
The plugin does not escape the Import’s Title and Unique Identifier fields before outputting them in admin pages, which could allow high privilege users to perform Cross-Site attacks even when the unfiltered_html capability is disallowed.
1. Add a new Import at "New Import", upload a random.txt (json, zip etcs) file.
2. Continue to "Drag & Drop" step. Put the XSS payload in the title form, e.g: laladee"><img src=a onerror=alert('title')>
or put XSS payload in Unique Identifier form at "Import Settings" step.
3. Continue to the end of steps and run the Import (which will trigger the XSS)
4. The XSS will be triggered again when going to Manage Imports > Run Import, Manage Imports > Run Import > Confirm & Run the import, Manage Imports > Edit Import > Preview
Note: v3.6.2 fixed the XSS in when running the import, but not in the previewRelated
nvd
nvd
CVE-2021-24714
2021-12-06 16:15:07
cvelist
cvelist
CVE-2021-24714 WP All Import < 3.6.3 - Admin+ Stored Cross-Site Scripting
2021-12-06 15:55:23
prion
prion
Cross site scripting
2021-12-06 16:15:00
cve
cve
CVE-2021-24714
2021-12-06 16:15:07
wpvulndb
wpvulndb
WP All Import < 3.6.3 - Admin+ Stored Cross-Site Scripting
2021-11-02 00:00:00