Lucene search
An DangWPVDB-ID:762FF2CA-5C1F-49AE-B83C-1C22BACBC82FHistoryAug 23, 2023 - 12:00 a.m.
Leyka < 3.30.4 - Admin+ Stored XSS
2023-08-2300:00:00
An Dang
wpscan.com
1
stored xss
plugin vulnerability
admin privilege
unsanitized settings
vendor notification
hotfix
0.0004 Low
EPSS
Percentile
14.1%
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) Note: The issue was reported to the vendor on May 30th, 2023 and unfortunately hot fixed in 3.30.3 rather than releasing a new version.
PoC
In the “My Data” section of the plugin settings, enter the payload `` for either the “text of personal data usage Terms” or “text of Terms of donation service” settings . Set at least one payment method, load the campaign, and view the XSS.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 3.30.4 |
Related
cnvd
cnvd
WordPress Leyka plugin cross-site scripting vulnerability
2023-09-21 00:00:00
wpexploit
wpexploit
Leyka < 3.30.4 - Admin+ Stored XSS
2023-08-23 00:00:00
nvd
nvd
CVE-2023-2995
2023-09-19 20:15:09
cvelist
cvelist
CVE-2023-2995 Leyka < 3.30.4 - Admin+ Stored XSS
2023-09-19 19:37:08
cve
cve
CVE-2023-2995
2023-09-19 20:15:09
prion
prion
Cross site scripting
2023-09-19 20:15:00
wordfence
wordfence