wpexploit | Pablo Sanchez | WPEX-ID:E4804850-2AC2-4CEC-BC27-07ED191D96DA
Aug 30, 2023 - 12:00 a.m.

Translate WordPress with GTranslate < 3.0.4 - Admin+ Stored XSS

AI Score: 6 (Medium), Confidence: High
EPSS: 0.0004 (Low), Percentile: 14.1%

Description: The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup). This vulnerability affects multiple parameters.

1. Go to "Settings > Gtranslate"
2. Make changes to the configuration and intercept the save request
3. Replace the value of `incl_langs%5B%5D` with `</script><script>alert(1)</script>"`
4. See XSS when page is reloaded.
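
The usual remedy for this class of bug is to validate settings on save and escape them on output. The sketch below applies that pattern to an array of language codes such as `incl_langs`; it is an added example, not GTranslate's own code or its 3.0.4 fix. The option name, settings group, function names and script handle are hypothetical, and it assumes the value is printed inside an inline script block, as the `</script>` prefix of the payload suggests.

```php
<?php
// Added illustration, not GTranslate's code. The option name, settings group,
// function names and script handle below are hypothetical.

// Validate on save: keep only values shaped like language codes (en, zh-CN).
function example_sanitize_incl_langs( $input ) {
    $clean = array();
    foreach ( (array) $input as $code ) {
        if ( is_string( $code ) && preg_match( '/^[A-Za-z]{2,3}(-[A-Za-z]{2,4})?$/', $code ) ) {
            $clean[] = $code;
        }
    }
    return array_values( array_unique( $clean ) );
}

add_action( 'admin_init', function () {
    register_setting(
        'example_gt_group',          // hypothetical settings group
        'example_gt_incl_langs',     // hypothetical option name
        array(
            'type'              => 'array',
            'sanitize_callback' => 'example_sanitize_incl_langs',
            'default'           => array(),
        )
    );
} );

// Escape on output: re-validate what was stored, then JSON-encode so that
// <, >, &, ' and " become \uXXXX escapes and cannot close the <script> block.
add_action( 'wp_enqueue_scripts', function () {
    $langs = example_sanitize_incl_langs( get_option( 'example_gt_incl_langs', array() ) );
    $json  = wp_json_encode( $langs, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT );

    wp_register_script( 'example-gt', false, array(), null, true ); // inline-only handle
    wp_enqueue_script( 'example-gt' );
    wp_add_inline_script( 'example-gt', 'var exampleInclLangs = ' . $json . ';' );
} );
```

Re-validating at output time also neutralises values that were stored before the save-time check existed.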
