wpForo Forum < 2.1.9 – Reflected Cross-Site Scripting | CVE 2023-2309 | Plugin Vulnerabilities

Description

The plugin does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability.

Proof of Concept

1. Visit wpForo > Settings > General Settings.
2. Enable Debug Mode and click Save Options.
3. Visit a forum on the frontend, e.g. `/community/main-forum/`
4. Append the following URL parameter to achieve XSS: `?param=%3Cscript%3Ealert(/XSS/)%3C/script%3E`

Affects Plugins

Fixed in 2.1.9

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Alex Sanford

Submitter

Alex Sanford

Submitter website

https://wpscan.com

Verified

Yes

WPVDB ID

1b3f4558-ea41-4749-9aa2-d3971fc9ca0d

Timeline

Publicly Published

2023-07-03 (about 2 years ago)

Added

2023-07-03 (about 2 years ago)

Last Updated

2023-07-03 (about 2 years ago)

Other

Published

Title

Published

2022-03-28

Title

Page Security & Membership <= 1.5.15 - Admin+ Stored Cross-Site Scripting

Published

2025-02-18

Title

Visualizer: Tables and Charts Manager for WordPress < 3.11.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Import Data From File

Published

2025-01-17

Title

Tantyyellow <= 1.0.0.5 - Reflected Cross-Site Scripting

Published

2021-12-27

Title

Tutor LMS < 1.9.12 - Subscriber+ Stored Cross-Site Scripting

Published

2024-10-30

Title

Easy SVG Upload <= 1.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload