wpvulndb | Lana Codes | WPVDB-ID: A28F52A4-FD57-4F46-8983-F34C71EC88D5
History: Dec 27, 2022 - 12:00 a.m.

Sassy Social Share < 3.3.45 - Contributor+ Stored XSS

Published: 2022-12-27 00:00:00
Author: Lana Codes
Source: wpscan.com
10
Tags: sassy social share, stored xss, contributor, validation, shortcode, cross-site scripting, admins, security vulnerability

EPSS: 0.001 (Low), percentile 23.5%

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks that could be used against high-privilege users such as admins.

PoC

Insert the following shortcode in a post/page:

[Sassy_Follow_Icons social_networks="facebook" width='" onmouseover="alert(/XSS/)"']

The XSS will be triggered when previewing/viewing the post/page and moving the mouse over the Facebook icon.
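To show the defect class behind this advisory and the fix, here is an added example that is not the plugin's code: a hypothetical shortcode handler (demo_icons_vulnerable / demo_icons_hardened, names assumed) that renders a social icon from shortcode attributes. The vulnerable form concatenates the raw width attribute into HTML, so a value shaped like the PoC above breaks out of the attribute; the hardened form allow-lists the network name, casts width to an integer with absint() and escapes with esc_attr(). The stand-in definitions of esc_attr()/absint() exist only so the file runs with plain php outside WordPress; inside WordPress the real functions are used.

```php
<?php
// Illustrative shortcode handler (NOT Sassy Social Share's code): shows how an
// unescaped shortcode attribute becomes stored XSS and how escaping removes it.

// Stand-ins for WordPress' esc_attr() and absint() so this file runs with
// plain `php`. Inside WordPress these already exist and the stand-ins are skipped.
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    }
}
if (!function_exists('absint')) {
    function absint($n) { return abs((int) $n); }
}

// Vulnerable pattern: attribute values are concatenated straight into markup.
function demo_icons_vulnerable(array $atts): string {
    $net   = $atts['social_networks'] ?? 'facebook';
    $width = $atts['width'] ?? '40';
    return '<a class="icon-' . $net . '" style="width:' . $width . 'px">' . $net . '</a>';
}

// Hardened pattern: allow-list the network, cast numeric attributes to int,
// and escape anything that lands inside an attribute or a text node.
function demo_icons_hardened(array $atts): string {
    $allowed = ['facebook', 'twitter', 'linkedin'];
    $net   = in_array($atts['social_networks'] ?? '', $allowed, true)
        ? $atts['social_networks']
        : 'facebook';
    $width = absint($atts['width'] ?? 40);
    return '<a class="icon-' . esc_attr($net) . '" style="width:' . $width . 'px">'
        . esc_attr($net) . '</a>';
}

// Constructed input with the same shape as the advisory's PoC: a closing quote
// followed by an event-handler attribute.
$hostile = ['social_networks' => 'facebook', 'width' => '" onmouseover="alert(1)'];

echo demo_icons_vulnerable($hostile), PHP_EOL;
echo demo_icons_hardened($hostile), PHP_EOL;
```

Running it prints the vulnerable output first, where the width value has closed the style attribute and the onmouseover handler sits as a live attribute on the anchor, followed by the hardened output, where the non-numeric width collapses to 0px and no attribute is injected. In a real plugin the same treatment applies to every attribute that shortcode_atts() returns, since contributors can supply any of them.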

CPE
Name                  Operator   Version
sassy-social-share    lt         3.3.45

