WordPress Plugin Vulnerabilities

Event Geek <= 2.5.2 - Stored Cross-site Scripting (XSS)

Description

The plugin does not sanitise or escape its "Use your own theme" setting before outputting it in the page, leading to an authenticated (admin+) stored Cross-Site Scripting issue

Proof of Concept

As admin, put the following payload in the "Use your own theme (enter URL):" option (wp-admin/edit.php?post_type=gg_events&page=gg_event_menu) of the plugin: "><script>alert(/XSS/)</script>

Affects Plugins

Plugin icon
event-geek
No known fix

References

CVE
CVE-2021-24480

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
5.5 (medium)

Miscellaneous

Original Researcher
ABISHEIK M
Submitter
ABISHEIK M
Submitter twitter
abisheikmagesh
Verified
Yes
WPVDB ID
243d417a-6fb9-4e17-9e12-a8c605f9af8a

Timeline

Publicly Published
2021-06-28 (about 2 years ago)
Added
2021-06-28 (about 2 years ago)
Last Updated
2021-08-10 (about 2 years ago)

Other

Published
Title
Published
2021-10-05
Title
Simple Download Monitor < 3.9.5 - Contributor+ Stored Cross-Site Scripting via File Thumbnail
Published
2024-02-23
Title
ProfilePress < 4.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via profilepress-edit-profile Shortcode
Published
2023-04-18
Title
ApexChat < 1.3.2 - Admin+ Stored XSS
Published
2022-11-22
Title
Videojs HTML5 Player < 1.1.9 - Contributor+ Stored XSS
Published
2022-01-18
Title
Give < 2.17.3 - Reflected Cross-Site Scripting via Donation Forms Dashboard