wpexploit entry by ipatelsumit, WPEX-ID: C2DEFD30-7E4C-4A28-8A68-282429061F3F
History: Mar 20, 2023 - 12:00 a.m.

Simple Giveaways < 2.45.1 - Admin+ Stored XSS

Published: 2023-03-20 00:00:00
Author: ipatelsumit
71
Tags: admin, sharing method, giveaways, stored xss, unauthenticated user

EPSS: 0.001
Percentile: 23.3%

The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).

As admin, add/edit a sharing method ("Giveaways" > "Settings" > "Sharing Method"), and put the following payload in the Method Title field: <script>alert(/XSS/)</script><img src onerror=alert(/XSS2/)>

As an unauthenticated or authenticated user, go to a giveaway page in the frontend (create one as admin if there is none yet) and enter it by giving an email. The XSS will be triggered afterwards.
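The root cause in the description is a setting that is stored verbatim and printed to the frontend without escaping. The following is an added illustration, not code from the Simple Giveaways plugin, of the vulnerable pattern beside the hardened one for a text setting such as the Method Title named in the steps above. It assumes a WordPress runtime; the `sg_example_*` function names and the `sg_example_method_title` option name are hypothetical.

```php
<?php
// Added example (not the plugin's own code). Assumes WordPress core functions
// are loaded; sg_example_* names and the option key are hypothetical.

// Vulnerable pattern: the submitted value is saved as-is and echoed raw, so any
// markup an admin stores is rendered for every visitor of the giveaway page.
function sg_example_save_title_unsafe( $submitted ) {
    update_option( 'sg_example_method_title', $submitted );
}
function sg_example_render_title_unsafe() {
    echo '<h3>' . get_option( 'sg_example_method_title' ) . '</h3>';
}

// Hardened pattern: check capability and nonce, sanitise on save, escape on output.
function sg_example_save_title( $submitted ) {
    // Only users allowed to manage options may change the setting.
    if ( ! current_user_can( 'manage_options' ) ) {
        return false;
    }
    // Reject requests that did not come from the plugin's own settings form.
    // 'sg_example_settings' is a hypothetical nonce action name.
    if ( ! check_admin_referer( 'sg_example_settings' ) ) {
        return false;
    }
    // A plain title never needs markup: strip tags, control characters and
    // surrounding whitespace. This does not depend on unfiltered_html, which is
    // disallowed for non-super-admins in multisite and must not be relied on.
    $clean = sanitize_text_field( wp_unslash( $submitted ) );
    update_option( 'sg_example_method_title', $clean );
    return true;
}
function sg_example_render_title() {
    // Escape at the point of output regardless of what is in the database, so a
    // value stored before the fix (or via another path) still cannot execute.
    echo '<h3>' . esc_html( get_option( 'sg_example_method_title' ) ) . '</h3>';
}
```

Sanitising on save and escaping on output are complementary: the first keeps bad data out of the database, the second protects the page even if bad data is already there, which is the case that matters when reviewing an installation that ran an affected version.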

