
wpvulndb | Victor Pasman | WPVDB-ID: 57017050-811E-474D-8256-33D19D4C0553
History: May 02, 2022 - 12:00 a.m.

WP Meta SEO < 4.4.7 - Admin+ Stored Cross-Site Scripting via breadcrumbs

2022-05-02 00:00:00
Victor Pasman
wpscan.com
Tags: xss, admin, breadcrumbs, security, vulnerability

EPSS: 0.001
Percentile: 24.8%

The plugin does not sanitise or escape the breadcrumb separator setting before outputting it to the page. A high-privilege user such as an administrator can therefore inject arbitrary JavaScript into every page or post that renders the breadcrumb, even when unfiltered HTML is disallowed for that user (for example on multisite, or when DISALLOW_UNFILTERED_HTML is set), so the plugin bypasses the site's unfiltered_html capability policy.

PoC

As admin, put the following payload in the Breadcrumb separator setting and save. The XSS is triggered on every page or post where the breadcrumb is enabled.
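The bug class and its fix, as an added example that is not WP Meta SEO's own code: a minimal PHP rendering of a breadcrumb trail in which the stored separator is concatenated into the markup verbatim (the vulnerable pattern the advisory describes), beside a version that sanitises the setting on save and escapes it on output. All function names are hypothetical; the esc_html() and sanitize_text_field() stand-ins exist only so the file runs outside WordPress, where the real helpers are used instead.

```php
<?php
// Added example, not the plugin's code. Function names are hypothetical.

// Stand-ins so this file runs outside WordPress. Inside WordPress the real
// esc_html() and sanitize_text_field() are already defined and these are skipped.
if (!function_exists('esc_html')) {
    function esc_html(string $text): string
    {
        // double_encode=false keeps an existing entity such as &raquo; intact,
        // which is how esc_html() behaves as well.
        return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    }
}
if (!function_exists('sanitize_text_field')) {
    function sanitize_text_field(string $text): string
    {
        // Approximation of the WordPress helper: drop tags and surrounding whitespace.
        return trim(strip_tags($text));
    }
}

/** Vulnerable: the separator goes into the markup exactly as stored. */
function render_breadcrumb_vulnerable(array $crumbs, string $separator): string
{
    $parts = array_map('esc_html', $crumbs);        // labels are escaped ...
    return implode(' ' . $separator . ' ', $parts); // ... but the separator is not
}

/**
 * Hardened, step 1: sanitise on save. In a plugin this is the kind of
 * 'sanitize_callback' you would pass to register_setting() for the option,
 * so the stored value never contains tags regardless of who saved it.
 */
function sanitize_breadcrumb_separator(string $raw): string
{
    $clean = sanitize_text_field($raw);
    return $clean === '' ? '/' : $clean;            // fall back to a harmless default
}

/** Hardened, step 2: escape on output, even though the value was sanitised on save. */
function render_breadcrumb_safe(array $crumbs, string $separator): string
{
    $parts = array_map('esc_html', $crumbs);
    return implode(' ' . esc_html($separator) . ' ', $parts);
}

// Constructed input: a payload of the kind an administrator could type into the
// separator field, plus a legitimate entity separator for comparison.
$crumbs  = ['Home', 'Blog', 'Hello <World>'];
$payload = '<img src=x onerror=alert(document.domain)>';

echo "vulnerable:  ", render_breadcrumb_vulnerable($crumbs, $payload), PHP_EOL;
echo "hardened:    ", render_breadcrumb_safe($crumbs, sanitize_breadcrumb_separator($payload)), PHP_EOL;
echo "entity kept: ", render_breadcrumb_safe($crumbs, sanitize_breadcrumb_separator('&raquo;')), PHP_EOL;

// Self-check: the hardened path never emits a raw tag, and a legitimate entity survives.
assert(strpos(render_breadcrumb_safe($crumbs, sanitize_breadcrumb_separator($payload)), '<img') === false);
assert(render_breadcrumb_safe(['A', 'B'], '&raquo;') === 'A &raquo; B');
```

Run it with `php breadcrumbs.php`. Two points a reviewer of the real fix would check: escaping on output is needed on its own, because sanitising on save does nothing for a payload already sitting in the database before the upgrade; and if the plugin wants to allow markup in the separator at all, it should gate that on current_user_can('unfiltered_html') rather than trusting the administrator role, since that capability is exactly what DISALLOW_UNFILTERED_HTML and multisite take away.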

