Lucene search

K
wpvulndbMuhamad hidayatWPVDB-ID:27AD58BA-B648-41D9-8074-16E4FEEAEE69
HistoryApr 11, 2022 - 12:00 a.m.

Adrotate < 5.8.23 - Admin+ XSS via Advert Name

2022-04-1100:00:00
muhamad hidayat
wpscan.com
15

0.001 Low

EPSS

Percentile

24.8%

The plugin does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

PoC

Create/edit an Advert and put the following payload in the Name field: "> The XSS will be triggered when accessing the Manage Adverts page

CPENameOperatorVersion
adrotatelt5.8.23

0.001 Low

EPSS

Percentile

24.8%

Related for WPVDB-ID:27AD58BA-B648-41D9-8074-16E4FEEAEE69