WPVDB-ID: 12F1ED97-D392-449D-B25C-42D241693888
Source: wpvulndb (Genubhau Wayal)
History: Sep 20, 2021 - 12:00 a.m.

Sociable <= 4.3.4.1 - Admin+ Stored Cross-Site Scripting

2021-09-20 00:00:00
Genubhau Wayal
wpscan.com

EPSS: 0.001 (Low)
EPSS Percentile: 24.8%

The plugin does not sanitise or escape some of its settings before outputting them in the admin dashboard, allowing high-privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed.

PoC

Put the following payload in the “Background Color” or “Labels Color” Skyscraper settings of the plugin (/wp-admin/options-general.php?page=skyscraper_options): ">

Other settings might be affected as well.
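As an added illustration (not the Sociable plugin's own code; the option and function names are hypothetical), the unescaped output pattern the description refers to, next to a hardened version that validates each colour setting on save and escapes it on output:

```php
<?php
// Added illustration, not the Sociable plugin's code. Option names and
// function names are hypothetical; the WordPress API calls are real.

// --- Vulnerable pattern: stored option echoed straight into an attribute ---
function skyscraper_color_field_vulnerable( $option_name ) {
    $value = get_option( $option_name, '#ffffff' );
    // No validation on save and no escaping here: a stored value that
    // starts with `">` closes the attribute and the tag, so the remainder
    // is rendered as markup for every admin who opens the settings page.
    // unfiltered_html is never consulted because this is option output,
    // not post content.
    echo '<input type="text" name="' . $option_name . '" value="' . $value . '">';
}

// --- Hardened pattern: allow-list on save, escape on output ---
function skyscraper_sanitize_color( $value ) {
    // A colour setting only ever needs to be a 3- or 6-digit hex value;
    // anything else is replaced by a safe default. WordPress core's
    // sanitize_hex_color() performs the same check.
    if ( is_string( $value ) && preg_match( '/\A#(?:[0-9a-fA-F]{3}){1,2}\z/', $value ) ) {
        return $value;
    }
    return '#ffffff';
}

function skyscraper_register_settings() {
    // The sanitize_callback runs on every save, whatever capabilities the
    // saving user holds, so a malicious admin cannot persist markup.
    register_setting( 'skyscraper_options', 'skyscraper_background_color',
        array( 'sanitize_callback' => 'skyscraper_sanitize_color' ) );
    register_setting( 'skyscraper_options', 'skyscraper_labels_color',
        array( 'sanitize_callback' => 'skyscraper_sanitize_color' ) );
}
add_action( 'admin_init', 'skyscraper_register_settings' );

function skyscraper_color_field( $option_name ) {
    $value = get_option( $option_name, '#ffffff' );
    // esc_attr() encodes quotes and angle brackets, so even a bad value
    // that reached the database by another path cannot break out of the
    // attribute (defence in depth on top of the save-time check).
    printf( '<input type="text" name="%s" value="%s">',
        esc_attr( $option_name ), esc_attr( $value ) );
}
```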

CPE
Name      Operator  Version
sociable  eq        *

