wpvulndb WPVDB-ID:D1EBD15A-72AB-4BA2-A212-7E2EEA0B0FB0
Jan 31, 2022 - 12:00 a.m.

Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting

2022-01-31 00:00:00
wpscan.com
9
plugin security
csrf
file import
stored xss
admin privileges

EPSS: 0.001
Percentile: 43.4%

The plugin does not have a CSRF check when importing files, allowing an attacker to make a logged-in admin import arbitrary snippets. Furthermore, imported snippets are not sanitised and escaped, which could lead to Stored Cross-Site Scripting issues.

PoC

The XSS will be triggered anywhere in the backend.

Or, as admin: Create a .cfg file with the following content:

a:1:{i:0;a:7:{s:5:"title";s:29:"";s:4:"vars";s:0:"";s:11:"description";s:0:"";s:9:"shortcode";b:0;s:3:"php";b:0;s:11:"wptexturize";b:0;s:7:"snippet";s:0:"";}}

Zip it and import it via the plugin’s Import feature.
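Both gaps described above (no CSRF check on import, no sanitisation of imported fields) are closed in the following added example, which is not Post Snippets' own code or its actual patch. The function, hook, nonce, option and upload-field names are hypothetical; it assumes the code is loaded inside WordPress and that the upload is the .cfg file itself (unzipping is left out).

```php
<?php
// Added example: hypothetical names throughout, not Post Snippets' own code.
// Assumes it is loaded inside WordPress and the upload is the .cfg file itself.
add_action( 'admin_post_example_snippets_import', 'example_snippets_import' );
function example_snippets_import() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // CSRF check: the form must emit wp_nonce_field() with the same action and
    // field name; a forged cross-site request cannot supply a valid nonce.
    check_admin_referer( 'example_snippets_import', 'example_import_nonce' );
    $tmp = $_FILES['snippets_cfg']['tmp_name'] ?? '';
    if ( ! is_string( $tmp ) || ! is_uploaded_file( $tmp ) ) {
        wp_die( 'No import file received.', '', array( 'response' => 400 ) );
    }
    $clean = example_sanitize_snippets( (string) file_get_contents( $tmp ) );
    if ( null === $clean ) {
        wp_die( 'Import file is not a snippet export.', '', array( 'response' => 400 ) );
    }
    update_option( 'example_snippets', $clean );
    wp_safe_redirect( admin_url( 'options-general.php?page=example-snippets' ) );
    exit;
}

function example_sanitize_snippets( $raw ) {
    // Decode without instantiating objects; anything but an array is rejected.
    $data = @unserialize( $raw, array( 'allowed_classes' => false ) );
    if ( ! is_array( $data ) ) {
        return null;
    }
    $clean = array();
    foreach ( $data as $item ) {
        if ( ! is_array( $item ) ) { continue; }
        // Non-string values (nested arrays, incomplete objects) become ''.
        $str = function ( $key ) use ( $item ) {
            return ( isset( $item[ $key ] ) && is_string( $item[ $key ] ) ) ? $item[ $key ] : '';
        };
        $clean[] = array(
            'title'       => sanitize_text_field( $str( 'title' ) ),
            'vars'        => sanitize_text_field( $str( 'vars' ) ),
            'description' => sanitize_textarea_field( $str( 'description' ) ),
            'shortcode'   => ! empty( $item['shortcode'] ),
            'php'         => false, // this example's choice: imports never enable PHP
            'wptexturize' => ! empty( $item['wptexturize'] ),
            'snippet'     => wp_kses_post( $str( 'snippet' ) ),
        );
    }
    return $clean;
}
```

Sanitising on import does not replace escaping on output: stored titles and descriptions should still pass through esc_html() or esc_attr() wherever the backend prints them.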
