wpvulndb | Mohamed Selim | WPVDB-ID: 090DBDF4-61E2-4B51-A3E2-76096596C514
History: Jun 05, 2023 - 12:00 a.m.

Social Media Share Buttons & Social Sharing Icons < 2.8.2 - Admin+ Stored XSS

2023-06-05 00:00:00
Mohamed Selim
wpscan.com
social media share
stored xss
cross-site scripting
admin privileges
settings sanitization

EPSS: 0.001 (Low)
Percentile: 23.3%

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup).

PoC

Put the payload in any text field of the “8 Do you want to show a subscription form (increases sign-ups)? » Text above the entry field » Text” settings and save:

" style=animation-name:rotation onanimationstart=alert(/XSS/)//

The XSS will be triggered when re-accessing the settings.
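As an added illustration (this is not the plugin's own code; the option name, settings group and function names are hypothetical), the two halves of the bug described above, a settings value stored without sanitization and echoed into an HTML attribute without escaping, shown beside a hardened version that uses WordPress's own sanitization and escaping functions:

```php
<?php
// Added example with hypothetical option/setting names; not the plugin's real code.
// Illustrates the class of bug in this advisory: a settings value that is stored
// as posted and later echoed into an HTML attribute unescaped.

// --- Vulnerable pattern ---------------------------------------------------
// register_setting() without a sanitize_callback stores whatever was submitted.
function example_register_vulnerable_setting() {
    register_setting( 'example_group', 'example_text_above_field' );
}

// Echoing the raw option into a double-quoted attribute lets a stored value
// close the attribute and append its own (which is what the PoC payload does).
function example_render_vulnerable_field() {
    $value = get_option( 'example_text_above_field', '' );
    echo '<input type="text" name="example_text_above_field" value="' . $value . '">';
}

// --- Hardened pattern -----------------------------------------------------
// 1. Sanitize on save. The callback runs before the value reaches the database,
//    so a malicious value is never persisted in the first place.
function example_register_hardened_setting() {
    register_setting(
        'example_group',
        'example_text_above_field',
        array(
            'type'              => 'string',
            'sanitize_callback' => 'example_sanitize_text_above_field',
            'default'           => '',
        )
    );
}

function example_sanitize_text_above_field( $input ) {
    if ( ! is_string( $input ) ) {
        return '';
    }
    // A plain label needs no markup: sanitize_text_field() strips tags,
    // line breaks and invalid UTF-8. If a field genuinely must accept limited
    // HTML, restrict it to users who hold unfiltered_html and filter through
    // wp_kses_post(); everyone else (e.g. multisite admins) gets plain text.
    if ( current_user_can( 'unfiltered_html' ) ) {
        return wp_kses_post( $input );
    }
    return sanitize_text_field( $input );
}

// 2. Escape on output. esc_attr() encodes quotes, < and >, so even a value that
//    somehow reached the database unsanitized cannot terminate the attribute
//    or introduce new ones. Sanitize-on-save and escape-on-output are separate
//    controls; apply both.
function example_render_hardened_field() {
    $value = get_option( 'example_text_above_field', '' );
    printf(
        '<input type="text" name="%s" value="%s">',
        esc_attr( 'example_text_above_field' ),
        esc_attr( $value )
    );
}

add_action( 'admin_init', 'example_register_hardened_setting' );
```

register_setting(), sanitize_text_field(), wp_kses_post(), esc_attr() and current_user_can() are standard WordPress core functions. The advisory's fix version (2.8.2) is the relevant check for this plugin; the pattern above is the general defence for any stored settings value that is rendered back into admin pages.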

CPE | Name                         | Operator | Version
-   | ultimate-social-media-icons  | lt       | 2.8.2

