Lucene search
Ilyase DehyWPVDB-ID:7DE4C313-359E-4450-85F5-D29F3C2F046AHistoryMay 23, 2023 - 12:00 a.m.
Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS
2023-05-2300:00:00
Ilyase Dehy
wpscan.com
5
ultimate dashboard
stored xss
admin+
sanitise
cross-site scripting
multisite setup
0.001 Low
EPSS
Percentile
19.6%
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
PoC
1. Go to “Ultimate Dashboard -> Settings -> General”. 2. In the “Custom Howdy Text” field, input the XSS payload: "> 3. Save the settings. 4. Observe the XSS payload being executed in the browser when the page is loaded.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ultimate-dashboard | lt | 3.7.6 |
Related
cve
cve
CVE-2023-2812
2023-06-19 11:15:10
prion
prion
Cross site scripting
2023-06-19 11:15:00
cvelist
cvelist
CVE-2023-2812 Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS
2023-06-19 10:52:55
nvd
nvd
CVE-2023-2812
2023-06-19 11:15:10
wpexploit
wpexploit
Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS
2023-05-23 00:00:00