wpvulndb | Bob Matyas | WPVDB-ID: F0DE62E3-5E85-43F3-8E3E-E816DAFB1406
History: Jun 05, 2024 - 12:00 a.m.

Video Widget <= 1.2.3 - Admin+ Stored XSS via Widget

2024-06-05 00:00:00
Bob Matyas
wpscan.com

Tags: plugin, sanitization, settings, stored xss, admin, unfiltered_html, capability, multisite

AI Score: 5
Confidence: High
EPSS: 0
Percentile: 14.0%

Description

The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).

PoC

1. Add a "Video Widget" to a widget area.
2. Add the payload `">` for the "width" value.
3. Save and see the XSS.

Note: other fields are likely vulnerable.
