wpForo Forum < 2.1.9 – Reflected Cross-Site Scripting | CVE 2023-2309 | Plugin Vulnerabilities

Description

The plugin does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability.

Proof of Concept

1. Visit wpForo > Settings > General Settings.
2. Enable Debug Mode and click Save Options.
3. Visit a forum on the frontend, e.g. `/community/main-forum/`
4. Append the following URL parameter to achieve XSS: `?param=%3Cscript%3Ealert(/XSS/)%3C/script%3E`

Affects Plugins

Fixed in 2.1.9

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Alex Sanford

Submitter

Alex Sanford

Submitter website

https://wpscan.com

Verified

Yes

WPVDB ID

1b3f4558-ea41-4749-9aa2-d3971fc9ca0d

Timeline

Publicly Published

2023-07-03 (about 10 months ago)

Added

2023-07-03 (about 10 months ago)

Last Updated

2023-07-03 (about 10 months ago)

Other

Published

Title

Published

2023-08-16

Title

Video Grid < 1.22 - Reflected XSS

Published

2023-05-15

Title

Drop Shadow Boxes < 1.7.11 - Contributor+ Cross-Site Scripting

Published

2024-02-28

Title

Simple Ajax Chat < 20240223 - Unauthenticated Stored XSS

Published

2024-04-22

Title

Social Sharing Plugin – Social Warfare < 4.4.6.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

Published

2023-06-05

Title

CodeColorer < 0.10.1 – Admin+ Stored Cross-Site Scripting