Lucene search
Bob MatyasWPEX-ID:BF1B8434-B361-4666-9058-D9F08C09D083HistoryMay 14, 2024 - 12:00 a.m.
FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS
2024-05-1400:00:00
Bob Matyas
15
xss
unauthenticated
fs product inquiry
update
exploit
Description The plugin does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks
1. Add an inquiry form using the shortcode `[fspi-show-products-list]`
2. As a non-logged in visitor, enter the payload `
" style=animation-name:rotation onanimationstart=alert(/XSS/)//` for the name
3. See the XSS when editing an individual inquiry from: https://example.com/wp-admin/edit.php?post_type=fspi-inquiryRelated
wpvulndb
wpvulndb
FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS
2024-05-14 00:00:00
cve
cve
CVE-2024-4857
2024-06-04 06:15:12
nvd
nvd
CVE-2024-4857
2024-06-04 06:15:12
cvelist
cvelist
CVE-2024-4857 FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS
2024-06-04 06:00:03
vulnrichment
vulnrichment
CVE-2024-4857 FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS
2024-06-04 06:00:03
wordfence
wordfence
8.3 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for WPEX-ID:BF1B8434-B361-4666-9058-D9F08C09D083