Lucene search
Enrico MarcoliniWPVDB-ID:CA7B6A39-A910-4B4F-B9CC-BE444EC44942HistoryDec 14, 2023 - 12:00 a.m.
WP Crowdfunding < 2.1.9 - Reflected XSS
2023-12-1400:00:00
Enrico Marcolini
wpscan.com
5
wp crowdfunding
version 2.1.9
reflected xss
plugin vulnerability
cross-site scripting
campaign search widget
high privilege users
Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
PoC
1. Add a “Campaign Search” widget to your site (via Appearance > Customise > Widgets for example) 2. Access the URL: https://www.example.com/?s=">&post;_type=product&product;_type=croudfunding 3. See the XSS.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 2.1.9 |
Related
cvelist
cvelist
CVE-2023-6161 WP Crowdfunding < 2.1.9 - Reflected XSS
2024-01-08 19:00:27
nvd
nvd
CVE-2023-6161
2024-01-08 19:15:10
cve
cve
CVE-2023-6161
2024-01-08 19:15:10
prion
prion
Cross site scripting
2024-01-08 19:15:00
wpexploit
wpexploit
WP Crowdfunding < 2.1.9 - Reflected XSS
2023-12-14 00:00:00
5.8 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
Related for WPVDB-ID:CA7B6A39-A910-4B4F-B9CC-BE444EC44942