WordPress Plugin Vulnerabilities

Login/Signup Popup < 1.5 - Authenticated Stored Cross-Site Scripting (XSS)

Description

A lack of capability checks and security nonce allows any authenticated user to inject, via the AJAX API, JavaScript code into the plugin’s settings and to use it to target the administrator in the backend of WordPress. The vulnerability has been exploited for a couple of days.

Affects Plugins

Plugin icon
easy-login-woocommerce
Fixed in 1.5

References

CVE
CVE-2020-36715
URL
https://blog.nintechnet.com/zero-day-vulnerability-fixed-in-wordpress-login-signup-popup-plugin/
URL
https://plugins.trac.wordpress.org/changeset/2304979/easy-login-woocommerce

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
9.9 (critical)

Miscellaneous

Original Researcher
Jerome Braundet (NinTechNet)
Verified
No
WPVDB ID
2a184cfd-a110-4316-b2f5-814581679abb

Timeline

Publicly Published
2020-05-14 (about 5 years ago)
Added
2020-05-14 (about 5 years ago)
Last Updated
2023-06-08 (about 2 years ago)

Other

Published
Title
Published
2025-10-30
Title
King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor 24.12.92 - 51.1.14 - Unauthenticated Privilege Escalation
Published
2019-12-24
Title
Featured Image from URL <= 2.7.7 - Missing Access Controls on REST routes
Published
2020-03-25
Title
All-in-One WP Migration < 7.15 - Arbitrary Backup Download
Published
2020-01-13
Title
Ultimate Member < 2.1.3 - Insecure Direct Object Reference (IDOR)
Published
2025-01-06
Title
School Management System <= 1.0.8 - Unauthenticated Privilege Escalation