WordPress Plugin Vulnerabilities
Spacer < 3.0.7 - Admin+ Stored XSS
Description
The plugin does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).
Proof of Concept
Add new Spacers and add payload "><h1 onclick=alert(document.domain)>Gem</h1> to Settings » Spacer » Add Spacers » New Spacer » Space Title and submit.
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
gem
Submitter
gem
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-10-28 (about 1 years ago)
Added
2022-10-28 (about 1 years ago)
Last Updated
2022-10-28 (about 1 years ago)