Lucene search

K
wpvulndbKishore HariramWPVDB-ID:EB8E2B9D-F153-49C9-862A-5C016934F9AD
HistoryMay 04, 2021 - 12:00 a.m.

Hotjar Connecticator <= 1.1.1 - Authenticated Stored Cross-Site Scripting (XSS)

2021-05-0400:00:00
Kishore Hariram
wpscan.com
9
hotjar connecticator
stored cross-site scripting
csrf nonce
admin users
vulnerability

EPSS

0.001

Percentile

24.8%

The plugin was vulnerable to Stored Cross-Site Scripting (XSS) in the “hotjar script” textarea. The request did include a CSRF nonce that was properly verified by the server and this vulnerability could only be exploited by administrator users.

PoC

Step 1: Install and activate the plugin “Hotjar Connecticator” Step 2: Now enter the following script on the “Hotjar script” text field. abc Step 3: Now we can see the script is stored and executed all the when we visit the website.

Affected configurations

Vulners
Node
bluemedicinelabshotjar_connecticatorwordpress
VendorProductVersionCPE
bluemedicinelabshotjar_connecticator*cpe:2.3:a:bluemedicinelabs:hotjar_connecticator:*:*:*:*:*:wordpress:*:*

EPSS

0.001

Percentile

24.8%

Related for WPVDB-ID:EB8E2B9D-F153-49C9-862A-5C016934F9AD