WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WS Form < 1.8.176 - Admin+ Stored Cross-Site Scripting

Description

The plugins do not sanitise and escape their Form Name, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Proof of Concept

Create a form and put the following payload in the Form Title: "><img src onerror=alert(/XSS/)>

The XSS will be triggered in the Forms list, as well as when viewing/previewing the form

Affects Plugins

ws-form
Fixed in version 1.8.176
ws-form-pro
Fixed in version 1.8.176

References

CVE
CVE-2022-23987

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Felipe Restrepo Rodriguez

Submitter

Felipe Restrepo Rodriguez

Submitter website
https://www.pfelilpe.com
Submitter twitter
pfelilpe
Verified

Yes

WPVDB ID
1697351b-c201-4e85-891e-94fdccbdfb55

Timeline

Publicly Published

2022-01-31 (about 10 months ago)

Added

2022-01-31 (about 10 months ago)

Last Updated

2022-04-12 (about 7 months ago)

Our Other Services

WPScan WordPress Security Plugin