WordPress Plugin Vulnerabilities
Advanced Access Manager < 6.8.0 - Admin+ Stored Cross-Site Scripting
Description
The plugin does not escape some of its settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Proof of Concept
Put the following payload in any of the plugin's settings with a text input: - v < 6.7.9 - "><script>alert(/XSS/)</script> - v < 6.8.0 - " onfocus=alert(/XSS/)// For example in "404 Redirect" > "Redirected to the local URL" > "The URL", "URI Access" > Create > "Enter URL" etc The XSS will be triggered when accessing the plugin setting again
Affects Plugins
Fixed in version 6.8.0
References
Classification
Miscellaneous
Original Researcher
Huy Nguyen
Submitter
Huy Nguyen
Submitter website
Verified
Yes
Timeline
Publicly Published
2021-10-19 (about 1 years ago)
Added
2021-10-19 (about 1 years ago)
Last Updated
2022-04-14 (about 7 months ago)