wpvulndb - Rohan Chaudhari
WPVDB-ID: A5C9FA61-E6F1-4460-84FE-977A203BD4BC
History: Mar 28, 2022 - 12:00 a.m.

Text Hover < 4.2 - Admin+ Stored Cross-Site Scripting

2022-03-28 00:00:00
Rohan Chaudhari
wpscan.com
8

EPSS: 0.001 (Low)
EPSS Percentile: 24.8%

The plugin does not sanitize the hover text when it is saved and does not escape it when it is output, so a high-privilege user (Admin+) can store a Cross-Site Scripting payload in the plugin's settings. Because the plugin applies no filtering of its own, this works even when the unfiltered_html capability has been disallowed for administrators (for example via DISALLOW_UNFILTERED_HTML, or for non-super-admins on multisite), which is exactly the situation in which WordPress would otherwise strip such markup.

PoC

1. As admin, put the following in the plugin's settings: test => ">
2. Tick the "Enable text hover in comments?" option.
3. Post a comment on a post/page containing the word "test" and hover over it to trigger the XSS.

Editing a post and putting the word "test" in its content achieves the same result.
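The following is an added illustration of the bug class the description and PoC above refer to; it is not the Text Hover plugin's own code. It models a "term => hover text" setting being written into a title attribute without escaping, so a value that begins with "> closes the attribute and the tag and whatever follows is rendered as live markup, and then shows the two fixes a reviewer would ask for: attribute-escaping on output and tag-stripping on save for users who lack unfiltered_html. All function names are hypothetical, the one-pair-per-line "term => text" format is an assumption based on the PoC, and the sample settings and comment are constructed.

```php
<?php
// Added example for this advisory, not the Text Hover plugin's own code.
// Function names are hypothetical; the "term => text" line format is an
// assumption based on the PoC above.

// Parse "term => hover text" pairs, one per line.
function parse_hover_settings(string $raw): array {
    $pairs = [];
    foreach (preg_split('/\R/', $raw) as $line) {
        if (strpos($line, '=>') === false) {
            continue;
        }
        [$term, $hover] = array_map('trim', explode('=>', $line, 2));
        if ($term !== '') {
            $pairs[$term] = $hover;
        }
    }
    return $pairs;
}

// Stand-ins so the script runs outside WordPress; inside WordPress the
// real calls are esc_attr(), wp_kses_post() and
// current_user_can('unfiltered_html').
function esc_attr_compat(string $s): string {
    return function_exists('esc_attr')
        ? esc_attr($s)
        : htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}
function strip_tags_compat(string $s): string {
    return function_exists('wp_kses_post') ? wp_kses_post($s) : strip_tags($s);
}

// Shared replacement loop; $render builds the markup for one matched term.
function apply_hover(string $content, array $pairs, callable $render): string {
    foreach ($pairs as $term => $hover) {
        $content = preg_replace_callback(
            '/\b' . preg_quote($term, '/') . '\b/u',
            fn($m) => $render($m[0], $hover),
            $content
        );
    }
    return $content;
}

// VULNERABLE: hover text (and the term itself) are dropped straight into
// the attribute, so a value starting with "> ends the attribute and the tag.
function hover_vulnerable(string $content, array $pairs): string {
    return apply_hover($content, $pairs,
        fn($term, $hover) => '<abbr title="' . $hover . '">' . $term . '</abbr>');
}

// HARDENED (output side): every user-controlled value is attribute-escaped,
// so " becomes &quot; and < > become &lt; &gt; and cannot break out.
function hover_hardened(string $content, array $pairs): string {
    return apply_hover($content, $pairs,
        fn($term, $hover) => '<abbr title="' . esc_attr_compat($hover) . '">'
            . esc_attr_compat($term) . '</abbr>');
}

// HARDENED (save side): honour unfiltered_html when the option is stored,
// so an admin without that capability cannot persist markup at all.
function sanitize_hover_settings(string $raw, bool $can_unfiltered_html): string {
    return $can_unfiltered_html ? $raw : strip_tags_compat($raw);
}

// Constructed sample input in the PoC's shape: the hover text for "test"
// starts with "> to break out of the title attribute; a harmless <b> tag
// stands in for an attacker's real payload.
$settings = 'test => "><b>injected</b>';
$comment  = 'Hover over test to see it.';
$pairs    = parse_hover_settings($settings);

echo "vulnerable: ", hover_vulnerable($comment, $pairs), "\n";
echo "hardened:   ", hover_hardened($comment, $pairs), "\n";
echo "saved without unfiltered_html: ", sanitize_hover_settings($settings, false), "\n";
```

Run it with `php example.php`. In the vulnerable line the title attribute is closed by the stored `">` and the `<b>` appears as real markup; in the hardened line the same characters come out as `&quot;&gt;&lt;b&gt;...` inside the attribute. Note that the save-side strip only removes tags and leaves the `">` characters in place, which is why output escaping is still required even after sanitizing on save: in a WordPress plugin the save-side check belongs in the option's sanitize_callback (registered through register_setting()), and the escape belongs at the point where the attribute is emitted.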

CPE
Name        Operator  Version
text-hover  lt        4.2
