MC4WP < 4.8.7 – Admin+ Stored Cross-Site Scripting | Plugin Vulnerabilities

Description

The plugin does not properly sanitise from data, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Proof of Concept

Create a form and put the following payload in the Form Code textarea: <img src onerror=alert(/XSS/)>

The XSS will be triggered when editing the form again, or when accessing a page where the form is embed

Affects Plugins

mailchimp-for-wp

Fixed in 4.8.7

References

URL

https://plugins.trac.wordpress.org/changeset/2687297

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Verified

Yes

WPVDB ID

13d92715-b195-4b75-9a39-6935fcafb832

Timeline

Publicly Published

2022-03-02 (about 4 years ago)

Added

2022-03-02 (about 4 years ago)

Last Updated

2022-03-02 (about 4 years ago)

Other

Published

Title

Published

2024-02-20

Title

wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin < 3.4.2.5 - Reflected Cross-Site Scripting.

Published

2016-04-26

Title

Gnucommerce < 0.5.7-beta - XSS

Published

2025-04-01

Title

Product Table by WBW < 2.1.5 - Reflected Cross-Site Scripting

Published

2023-08-17

Title

Cookies by JM <= 1.0 - Admin+ Stored XSS

Published

2025-01-03

Title

ProductDyno < 1.0.25 - Reflected Cross-Site Scripting