Panda Pods Repeater Field < 1.5.4 – Reflected XSS | CVE 2022-4306 | Plugin Vulnerabilities

Description

The plugin does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a user having at least Contributor permission.

Proof of Concept

1. Install Pods plugin (dependency) - https://wordpress.org/plugins/pods

2. Install the vulnerable plugin (panda-pods-repeater-field) - https://wordpress.org/plugins/panda-pods-repeater-field (v1.5.3)

3. As an authenticated user, visit the following URL to trigger an alert box:

http://example.com/wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(/xss/);/*x&iframe_id=panda-repeater-add-new&success=1

Affects Plugins

panda-pods-repeater-field

Fixed in 1.5.4

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

cydave

Submitter

cydave

Submitter website

https://cyllective.com/

Submitter twitter

Verified

Yes

WPVDB ID

18d7f9af-7267-4723-9d6f-05b895c94dbe

Timeline

Publicly Published

2022-12-07 (about 3 years ago)

Added

2023-01-03 (about 2 years ago)

Last Updated

2023-01-03 (about 2 years ago)

Other

Published

Title

Published

2024-11-08

Title

Bitcoin Payments <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-10-21

Title

Web Bricks Addons for Elementor < 1.1.11 - Contributor+ Stored XSS

Published

2024-05-10

Title

Blocksy Companion < 2.0.46 - Contributor+ Stored Cross-Site Scripting via SVG Uploads

Published

2021-12-06

Title

Site Reviews < 5.17.3 - Unauthenticated Stored Cross-Site Scripting

Published

2024-11-08

Title

Bread & Butter < 7.5.880 - Contributor+ Stored XSS