Photo Gallery by 10web < 1.5.69 - Reflected Cross-Site Scripting (XSS)

2021-02-23T00:00:00
ID WPVDB-ID:6E5F0E04-36C0-4FB6-8194-FE32C15CB3B5
Type wpvulndb
Reporter WPScanTeam
Modified 2021-02-23T07:31:29

Description

The plugin did not properly sanitise the bwg_search_X GET parameter, which is available in a frontend gallery when the Show Search Box setting is enabled (disabled by default), leading to a reflected Cross-Site Scripting issue.

PoC

Append the payload below to the URL of a page with an embedded gallery and the Show Search Box setting enabled (in Global Settings > Gallery Views):

?bwg_search_0=" onfocus="alert(/XSS/)
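For sites that ran an affected version, the following added example (not part of the advisory and not the plugin's code) scans access-log lines for bwg_search_N values that contain attribute-breakout characters, and shows how attribute-context escaping neutralises such a value. The combined log format, the function names and the sample log lines are assumptions made for illustration.

```python
import html
import re
from urllib.parse import parse_qsl, urlsplit

# Parameter family named in the advisory: bwg_search_0, bwg_search_1, ...
PARAM_RE = re.compile(r"^bwg_search_\d+$")
# Characters that let a value leave a quoted HTML attribute or open a tag.
BREAKOUT_RE = re.compile(r"[\"'<>]")
# Request line of an access-log entry (combined log format is an assumption).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines; hosts, paths and addresses are made up.
SAMPLE_LOG = [
    '203.0.113.5 - - [23/Feb/2021:07:00:01 +0000] '
    '"GET /gallery/?bwg_search_0=sunset HTTP/1.1" 200 5120',
    '203.0.113.9 - - [23/Feb/2021:07:00:09 +0000] '
    '"GET /gallery/?bwg_search_0=%22+onfocus%3D%22alert(/XSS/) HTTP/1.1" 200 5177',
    '203.0.113.7 - - [23/Feb/2021:07:00:15 +0000] '
    '"GET /?s=%22quoted+phrase%22 HTTP/1.1" 200 901',
]


def suspicious_search_params(log_line):
    """Return (name, decoded value) pairs for bwg_search_N values that
    contain attribute-breakout characters after URL decoding."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    query = urlsplit(match.group(1)).query
    return [
        (name, value)
        for name, value in parse_qsl(query, keep_blank_values=True)
        if PARAM_RE.match(name) and BREAKOUT_RE.search(value)
    ]


def render_search_value(value):
    """Escape a search term for a double-quoted HTML attribute value
    (the role esc_attr() plays in WordPress code)."""
    return html.escape(value, quote=True)


if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for name, value in suspicious_search_params(line):
            print(f"flag {name}: {value!r} -> {render_search_value(value)!r}")
```

Only the second sample line is flagged: the first is an ordinary search term and the third carries quotes in an unrelated parameter.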