WordPress Plugin Vulnerabilities

myStickymenu < 2.5.2 - Authenticated Stored XSS

Description

The plugin does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored Cross-Site Scripting issue, which will be triggered in the plugin's setting, as well as all front-page of the blog (when the Welcome bar is active)

Proof of Concept

Affects Plugins

Plugin icon
mystickymenu
Fixed in 2.5.2

References

CVE
CVE-2021-24425
URL
https://m0ze.ru/vulnerability/[2021-05-21]-[WordPress]-[CWE-79]-MyStickymenu-WordPress-Plugin-v2.5.1.txt

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
5.9 (medium)

Miscellaneous

Original Researcher
m0ze
Submitter
m0ze
Submitter website
https://m0ze.ru
Submitter twitter
vladm0ze
Verified
Yes
WPVDB ID
14632fa8-597e-49ff-8583-9797208a3583

Timeline

Publicly Published
2021-06-21 (about 4 years ago)
Added
2021-06-28 (about 4 years ago)
Last Updated
2022-03-05 (about 3 years ago)

Other

Published
Title
Published
2025-01-06
Title
SEO Keywords <= 1.1.3 - Reflected Cross-Site Scripting via google_error Parameter
Published
2024-11-08
Title
LIQUID BLOCKS < 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2015-01-29
Title
PowerPress Podcasting < 6.0.1 - Cross-Site Scripting (XSS)
Published
2016-12-21
Title
Chained Quiz <= 0.9.8 - Cross-Site Scripting (XSS)
Published
2023-11-06
Title
ImageMapper <= 1.2.6 - Contributor+ Stored XSS