WordPress Plugin Vulnerabilities

Smooth Scroll Page Up/Down Buttons < 1.4 - Authenticated Stored XSS

Description

The plugin did not properly sanitise and validate its settings, such as psb_distance, psb_buttonsize, psb_speed, only validating them client side. This could allow high privilege users (such as admin) to set XSS payloads in them

Proof of Concept

Affects Plugins

Plugin icon
smooth-page-scroll-updown-buttons
Fixed in 1.4

References

CVE
CVE-2021-24331
URL
https://m0ze.ru/vulnerability/[2021-04-24]-[WordPress]-[CWE-79]-Smooth-Scroll-Page-UpDown-Buttons-WordPress-Plugin-v1.3.txt

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
5.5 (medium)

Miscellaneous

Original Researcher
m0ze
Submitter
m0ze
Submitter website
https://m0ze.ru
Submitter twitter
vladm0ze
Verified
Yes
WPVDB ID
2c7ca586-def8-4723-b779-09d7f37fa1ab

Timeline

Publicly Published
2021-05-17 (about 4 years ago)
Added
2021-05-17 (about 4 years ago)
Last Updated
2021-05-18 (about 4 years ago)

Other

Published
Title
Published
2023-10-24
Title
Nexter Extension < 2.0.4 - Reflected XSS
Published
2024-12-04
Title
WIP WooCarousel Lite < 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-03-28
Title
PostX < 4.1.26 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2021-09-06
Title
ELEX WooCommerce Google Shopping < 1.2.4 - Reflected Cross-Site Scripting (XSS)
Published
2017-05-12
Title
Crafty Social Buttons < 1.5.8 - XSS