Ajax Search Lite < 4.12.1 – Admin+ Stored XSS | CVE 2024-7084 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Admin+ to perform Cross-Site Scripting attacks.

Proof of Concept

You need to go to the Ajax Search Lite control panel and save all settings, while intercepting the request. After interception, it is necessary to put the payload in the override_search_form=[XSS] parameter

123"test='"><script></script><img+src=x+onerror=alert(777)>

Affects Plugins

ajax-search-lite

Fixed in 4.12.1

References

CVE

URL

https://research.cleantalk.org/CVE-2024-XXXX/

YouTube Video

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Krugov Artyom

Submitter

Krugov Artyom

Submitter website

https://research.cleantalk.org

Verified

Yes

WPVDB ID

0d38bf4d-de6a-49f8-be69-fa483fa61bb7

Timeline

Publicly Published

2024-07-16 (about 1 year ago)

Added

2024-07-31 (about 1 year ago)

Last Updated

2024-07-31 (about 1 year ago)

Other

Published

Title

Published

2025-01-27

Title

Oshine Modules < 3.3.8 - Reflected Cross-Site Scripting

Published

2022-12-29

Title

Video Conferencing with Zoom < 4.0.10 - Contributor+ Stored XSS

Published

2014-08-01

Title

Video Metabox 1.1 - Stored Cross-Site Scripting (XSS)

Published

2024-12-06

Title

Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via _wpnonce

Published

2022-11-10

Title

WPUpper Share Buttons < 3.43 - Admin+ Stored XSS