WordPress Plugin Vulnerabilities

SpiderCalendar <= 1.5.65 - Reflected Cross-Site Scripting

Description

The plugin does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue.

Note: Vendor decided to close the plugin and it won't be maintained anymore

Proof of Concept

https://example.com/wp-admin/admin-ajax.php?action=window&callback=%3C/script%3E%3Cimg/src/onerror=alert(/XSS/);%3E

Affects Plugins

spider-event-calendar

No known fix - plugin closed

References

CVE

CVE-2022-0212

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

Krzysztof Zając

Submitter

Krzysztof Zając

Submitter website

https://kazet.cc/

Verified

Yes

WPVDB ID

15be2d2b-baa3-4845-82cf-3c351c695b47

Timeline

Publicly Published

2022-01-13 (about 4 months ago)

Added

2022-01-13 (about 4 months ago)

Last Updated

2022-04-09 (about 1 months ago)

Our Other Services

WPScan WordPress Security Plugin