WordPress Admin Bar And Dashboard Access Control 1.28 XSS Vulnerability

2024-02-2800:00:00

Rachit Arora

0day.today

131

wordpress

admin bar

dashboard access control

vulnerability

cross-site scripting

xss

exploit

security issue

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

AI Score

6.6

Confidence

High

EPSS

Percentile

14.0%

JSON

WordPress Admin Bar and Dashboard Access Control plugin version 1.28 suffers from a persistent cross site scripting vulnerability.

# Exploit Title:  WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field  Stored Cross-Site Scripting (XSS)
# Exploit Author: Rachit Arora
# Vendor Homepage: 
# Software Link:  https://wordpress.org/plugins/admin-bar-dashboard-control/
# Version: 1.2.8
# Category: Web Application
# Tested on: Windows
# CVE : 2023-47184


1. Install WordPress (latest)

2. Install and activate Admin Bar & Dashboard Access Control.

3. Navigate to "Admin Bar & Dash"  >> Under Dashboard Access and in the "Dashboard Redirect" enter the payload into the input field.

"onfocusin=alert``+autofocus>
"onfocusin=alert`document.domain`+autofocus>

4. You will observe that the payload successfully got stored  and when you are triggering the same functionality in that time JavaScript payload is executing successfully and we are getting a pop-up.