WordPress Plugin Vulnerabilities
Panda Pods Repeater Field < 1.5.4 - Reflected XSS
Description
The plugin does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a user having at least Contributor permission.
Proof of Concept
1. Install Pods plugin (dependency) - https://wordpress.org/plugins/pods 2. Install the vulnerable plugin (panda-pods-repeater-field) - https://wordpress.org/plugins/panda-pods-repeater-field (v1.5.3) 3. As an authenticated user, visit the following URL to trigger an alert box: http://example.com/wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(/xss/);/*x&iframe_id=panda-repeater-add-new&success=1
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
cydave
Submitter
cydave
Submitter website
Submitter twitter
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-12-07 (about 1 years ago)
Added
2023-01-03 (about 1 years ago)
Last Updated
2023-01-03 (about 1 years ago)