Video Slider – Slider Carousel < 1.4.8 – Admin+ Stored Cross-Site Scripting | CVE 2022-1541 | Plugin Vulnerabilities

Description

The plugin does not sanitize or escape some of its video settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Proof of Concept

Create/edit a video from a slider and put the following payload in the Description: <img src=x onerror=alert(/XSS/)>, then save/update the video (via the button below the Description textarea) and save/update the Slider (top right button)

The XSS will be triggered in post/page where the Slider is embed

Affects Plugins

Fixed in 1.4.8

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Fayçal CHENA

Submitter

Fayçal CHENA

Submitter website

https://fafachena.com/

Submitter twitter

Verified

Yes

WPVDB ID

053a9815-cf0a-472e-844a-3dea407ce022

Timeline

Publicly Published

2022-05-16 (about 1 years ago)

Added

2022-05-16 (about 1 years ago)

Last Updated

2022-05-17 (about 1 years ago)

Other

Published

Title

Published

2023-02-20

Title

Clio Grow < 1.0.1 - Admin+ Stored XSS

Published

2023-02-27

Title

We’re Open! < 1.47 - Admin+ Stored XSS

Published

2020-10-29

Title

WordPress < 5.5.2 - Stored XSS in Post Slugs

Published

2024-04-30

Title

EventON <= 2.2.14 - Authenticated (Administrator+) Stored Cross-Site Scripting

Published

2023-12-19

Title

Menu Image, Icons made easy < 3.11 - Admin+ Stored XSS