EasyEvent <= 1.0.0 – Admin+ Stored XSS | CVE 2024-3628 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Proof of Concept

1. Got to https://example.com/wp-admin/options-general.php?page=easyevent
2. In the ID field enter the below payload: `<h1 onmouseover=alert(1)>hello</h1>`
3. Save and see the XSS

Affects Plugins

No known fix

References

CVE

YouTube Video

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Satyam Singh, Vibhor Sharma

Submitter

Satyam Singh

Submitter twitter

Verified

Yes

WPVDB ID

171af8eb-ceeb-403a-abc2-969d9535a4c9

Timeline

Publicly Published

2024-04-16 (about 1 year ago)

Added

2024-04-16 (about 1 year ago)

Last Updated

2024-04-16 (about 1 year ago)

Other

Published

Title

Published

2024-04-30

Title

Pliska < 0.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Author Display Name

Published

2025-02-02

Title

Migrate Posts <= 1.0 - Reflected Cross-Site Scripting

Published

2024-12-06

Title

워드프레스 결제 심플페이 – 우커머스 결제 플러그인 < 5.2.3 - Reflected Cross-Site Scripting via add_query_arg Function

Published

2021-11-01

Title

Ibtana - Ecommerce Product Addons < 0.2.4 - Reflected Cross-Site Scripting

Published

2024-09-30

Title

Web Directory Free < 1.7.4 - Reflected Cross-Site Scripting