Image Protector <= 1.1 – Admin+ Stored Cross-Site Scripting | CVE 2023-2026 | Plugin Vulnerabilities

Description

The plugin does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Proof of Concept

1. Go to http://example.com/wp-admin/admin.php?page=image-protector%2Fimage-protector.php.

2. Paste the payload in the user agent check input field: </textarea><script>alert(1008)</script>

3. Save changes, and XSS will be triggered.

Affects Plugins

image-protector

No known fix

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Shreya Pohekar

Submitter

Shreya Pohekar

Submitter website

https://shreyapohekar.com

Submitter twitter

Verified

Yes

WPVDB ID

2b59f640-5568-42bb-87b7-36eb448db5be

Timeline

Publicly Published

2023-06-19 (about 11 months ago)

Added

2023-06-19 (about 11 months ago)

Last Updated

2023-06-19 (about 11 months ago)

Other

Published

Title

Published

2024-03-25

Title

SEO Plugin by Squirrly SEO < 12.3.17 - Reflected Cross-Site Scripting

Published

2024-04-12

Title

EZ Form Calculator <= 2.14.0.3 - Reflected Cross-Site Scripting

Published

2021-10-25

Title

Video Lessons Manager - Admin+ Stored Cross-Site Scripting

Published

2023-05-12

Title

Booking Ultra Pro < 1.1.7 - Subscriber+ Settings Update

Published

2014-06-12

Title

WP Guestmap <= 1.8 - Multiple XSS