WPVDB-ID: ADF09E29-BAF5-4426-A281-6763C107D348
Reported by: Bipul Jaiswal from SecureLayer7
Published: Jan 30, 2023

Real Media Library < 4.18.29 - Author+ Stored XSS

Source: wpscan.com
Tags: real media library, stored xss, cross-site scripting

EPSS score: 0.001 (Low), percentile 23.5%

The plugin does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.

PoC

As a user with the author role, go to Media > Library and create a new folder whose name is the following payload: ">

Then add a new media file (via Media > Add new), select the created folder that carries the payload and upload a file; this will trigger the XSS. Any user who uploads files into the malicious folder will have the XSS triggered.
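The root cause stated above is a folder name that is stored without sanitisation and rendered without escaping. The following PHP is an added illustration, not code from the Real Media Library plugin: it puts that unsafe pattern next to a hardened handler. The function names, the variable names and the sample folder name are assumptions made for the illustration; the WordPress helpers named in the comments are the real equivalents, but portable PHP functions are used so the script runs without WordPress.

```php
<?php
// Added illustration, not code from the Real Media Library plugin: it models
// the defect the advisory describes (a folder name stored without sanitisation
// and printed without escaping) next to a hardened handler. Function and
// variable names are assumptions for the illustration.

// Constructed sample input: a folder name that carries markup and a quote
// that closes an HTML attribute early.
$submitted_name = '"><b>folder</b>';

// Vulnerable pattern: the raw name goes straight into an attribute and the
// element body, so the browser parses the quote and the tag as markup.
function render_folder_option_unsafe(string $name): string
{
    return '<option value="' . $name . '">' . $name . '</option>';
}

// Hardening step 1 (on save): reduce the name to plain text by removing tags
// and control characters. In WordPress, sanitize_text_field() does this;
// the portable equivalent is used here so the script runs on plain PHP.
function sanitize_folder_name(string $name): string
{
    $name = strip_tags($name);
    $name = preg_replace('/[\x00-\x1F\x7F]/', '', $name);
    return trim($name);
}

// Hardening step 2 (on output): encode for the HTML context. ENT_QUOTES
// covers both quote styles, which matters inside attributes. In WordPress
// this is esc_attr() for attributes and esc_html() for element text.
function render_folder_option_safe(string $name): string
{
    $escaped = htmlspecialchars($name, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<option value="' . $escaped . '">' . $escaped . '</option>';
}

// Compare the two renderings for the same submitted name.
echo "unsafe: ", render_folder_option_unsafe($submitted_name), PHP_EOL;
$stored_name = sanitize_folder_name($submitted_name);
echo "safe:   ", render_folder_option_safe($stored_name), PHP_EOL;
```

Escaping on output is the control that actually stops the injection; sanitising on save limits what gets stored but should not be the only defence, because a stored folder name is rendered in more than one place (folder tree, select box, upload dialog) and each context needs its own escaping. When reviewing a fix for this class of bug, check every location where the name is printed, not only the form that accepts it.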

Affected software (CPE)

Name                     Operator  Version
real-media-library-lite  lt        4.18.29
