Multiple Plugins from Wow-Company - Reflected XSS

2023-05-2200:00:00

wpscan.com

reflected cross-site scripting

page parameter

admin users

windows

os x

poc

wow-company plugins

0.001 Low

EPSS

Percentile

25.0%

JSON

The plugins do not escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

PoC

Make a logged in admin open a page with the code below The XSS will be triggered when pressing ALT+SHIFT+X on Windows and CTRL+ALT+X on OS X

CPENameOperatorVersion
float-menult5.0.2
bubble-menult3.0.4
button-generationlt2.3.5
calculator-builderlt1.5.1
counter-boxlt1.2.2
floating-buttonlt5.3.1
mwp-herd-effectlt5.2.2
popup-boxlt2.2.2
side-menu-litelt4.0.2
sticky-buttonslt3.1.1

Name	Operator	Version
float-menu	lt	5.0.2
bubble-menu	lt	3.0.4
button-generation	lt	2.3.5
calculator-builder	lt	1.5.1
counter-box	lt	1.2.2
floating-button	lt	5.3.1
mwp-herd-effect	lt	5.2.2
popup-box	lt	2.2.2
side-menu-lite	lt	4.0.2
sticky-buttons	lt	3.1.1

Rows per page:

1-10 of 121

0.001 Low

EPSS

Percentile

25.0%

JSON

Related for WPVDB-ID:27E70507-FD68-4915-88CF-0B96ED55208E