Themes Vulnerabilities

ListingPro < 2.0.14.5 - Reflected & Persistent Cross-Site Scripting

Description

Reflected & Persistent XSS was discovered in the 'ListingPro - WordPress Directory Theme'. Current version is 2.0.14.2 (August 9th 2019).

Edit (WPScanTeam):
November 29th, 2019 - Envato Informed
November 29th, 2019 - Envato Investigating
December 4th, 2019 - v2.0.14.3 Released, fixing the reflected XSS but not the stored one. Envato notified again.
December 5th, 2019 - v2.0.14.4 released, stored XSS still present.
December 5th, 2019 - Envato Confirmed Stored XSS still present.
December 12th, 2019 - v2.0.14.5 released, fixing the stored XSS.

Proof of Concept

Affects Themes

listingpro
Fixed in 2.0.14.5

References

CVE
CVE-2019-19540
CVE
CVE-2019-19541
CVE
CVE-2019-19542
URL
https://themeforest.net/item/listingpro-multipurpose-directory-theme/19386460

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
SUBVΞRSΛ
Submitter
SUBVΞRSΛ
Verified
No
WPVDB ID
094b8e8b-950f-451d-9d64-460918c8b255

Timeline

Publicly Published
2019-11-29 (about 6 years ago)
Added
2019-12-13 (about 6 years ago)
Last Updated
2021-01-19 (about 5 years ago)

Other

Published
Title
Published
2024-10-15
Title
Akismet htaccess writer <= 1.0.1 - Reflected Cross-Site Scripting
Published
2024-07-11
Title
JavaScript Logic <= 0.1 - CSRF to Stored XSS
Published
2024-08-20
Title
WordSurvey <= 3.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via sounding_title Parameter
Published
2024-08-22
Title
Simple Headline Rotator <= 1.0 - Stored XSS via CSRF
Published
2021-08-16
Title
WordPress Advanced Ticket System < 1.0.64 - Authenticated Stored Cross-Site Scripting (XSS)