WordPress Plugin Vulnerabilities

Thinkific Uploader <= 1.0.0 - Admin+ Stored Cross-Site Scripting

Description

The plugin does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators.

Proof of Concept

Put the following payload in any of the settings: "><svg/onload=alert(/XSS/)>

Affects Plugins

thinkific-uploader

No known fix - plugin closed

References

CVE

CVE-2022-2426

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

Raad Haddad of Cloudyrion GmbH

Submitter

Raad Haddad of Cloudyrion GmbH

Submitter twitter

raadfhaddad

Verified

Yes

WPVDB ID

00e36ad9-b55b-4d17-96fb-e415eec47422

Timeline

Publicly Published

2022-07-18 (about 6 months ago)

Added

2022-07-18 (about 6 months ago)

Last Updated

2022-08-22 (about 5 months ago)

Our Other Services

WPScan WordPress Security Plugin