WordPress Plugin Vulnerabilities
Mobile Events Manager < 1.4.4 - Admin+ Stored Cross-Site Scripting
Description
The plugin does not sanitise and escape various of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Proof of Concept
Payload used: <script>alert(/XSS/)</script> - Put the payload in the TMEM Events > Settings > Events > Event prefix field, then Create an event to trigger the XSS - Put the payload in the TMEM Events > Settings > Client Zone > Application Name field. The XSS will be triggered thought the plugin - Put the payload in the TMEM Events > Settings > General > Company Name field. The XSS will be triggered in the admin dashboard
Affects Plugins
Fixed in version 1.4.4
References
Classification
Miscellaneous
Original Researcher
Varun thorat
Submitter
Varun thorat
Submitter twitter
Verified
Yes
Timeline
Publicly Published
2021-12-24 (about 1 years ago)
Added
2021-12-24 (about 1 years ago)
Last Updated
2022-04-10 (about 9 months ago)