WordPress Plugin Vulnerabilities

Google Authenticator < 1.0.8 - Admin+ Stored Cross-Site Scripting

Description

The plugin does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

Proof of Concept

Put the following payload in the Account Name settings and click on the 'Change App name' button: " autofocus onfocus=alert(/XSS/)//

Affects Plugins

miniorange-google-authenticator

Fixed in version 1.0.5

References

CVE

CVE-2022-1994

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

Niraj Mahajan

Submitter

Niraj Mahajan

Submitter website

https://www.linkedin.com/in/niraj1mahajan/

Submitter twitter

niraj1mahajan

Verified

Yes

WPVDB ID

114d94be-b567-4b4b-9a44-f2c05cdbe18e

Timeline

Publicly Published

2022-06-06 (about 1 years ago)

Added

2022-06-06 (about 1 years ago)

Last Updated

2023-03-07 (about 6 months ago)

Our Other Services

WPScan WordPress Security Plugin