WPVDB-ID: 96818024-57AB-419D-BD46-7D2DA98269E6
History: Nov 30, 2022 - 12:00 a.m.

Sliderby10Web < 1.2.53 - Admin+ Stored XSS

2022-11-30 00:00:00
zhangyunpei
wpscan.com

EPSS: 0.001 (Low)
EPSS Percentile: 23.5%

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).

PoC

1. Go to “Slider » Sliders” and edit one of the Sliders or add a new one.
2. Click “Slide options” and enter 1" onmouseenter="alert(/XSS/)" " in the input box named “Link the slide to”.
3. Click Save » refresh the page, and hover the mouse over the input box under “Slide options” to check the XSS popup.
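As an added illustration of the description and PoC above (this is not the plugin's code; the function and option names are assumed, and it relies on WordPress's own sanitisation and escaping helpers being loaded), the attribute-rendering pattern that lets the PoC value break out of the input, beside a hardened save-and-render pair:

```php
<?php
// Added illustrative example, not code from Slider by 10Web. Assumes it runs inside
// WordPress, where wp_unslash(), esc_url_raw(), esc_attr(), get_option() and
// update_option() are available. 'example_slide_link' is an assumed option name.

// Vulnerable pattern: the stored setting is concatenated straight into an HTML
// attribute. A value such as  1" onmouseenter="alert(/XSS/)" "  closes the
// value="" attribute and adds an event handler. Because it is persisted, every
// user who later opens the slide options page renders it. WordPress only runs its
// kses filtering on content it handles itself (such as post content), so denying
// the unfiltered_html capability does not protect plugin settings: the plugin has
// to sanitise and escape them itself.
function example_slide_link_field_vulnerable( string $stored ) : string {
    return '<input type="text" name="slide_link" value="' . $stored . '">';
}

// Hardened save handler: validate on input. A "link the slide to" field should
// only ever hold a URL, so esc_url_raw() is the right sanitiser (it rejects
// javascript: and other non-URL content). sanitize_text_field() would be the
// choice for a free-text setting instead.
function example_save_slide_link( string $submitted ) : string {
    $clean = esc_url_raw( wp_unslash( $submitted ) );
    update_option( 'example_slide_link', $clean );
    return $clean;
}

// Hardened render: escape for the attribute context on every output, regardless
// of what was stored. esc_attr() encodes the double quote, so the value can no
// longer terminate value="..." and introduce a new attribute.
function example_slide_link_field_hardened() : string {
    $stored = (string) get_option( 'example_slide_link', '' );
    return '<input type="text" name="slide_link" value="' . esc_attr( $stored ) . '">';
}
```

Both the input-side sanitiser and the output-side escape are needed: the escape is what stops the stored-XSS class regardless of how the value reached the database.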

CPE Name    Operator    Version
slider-wd   lt          1.2.53

