WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting

Description

The plugin adds a shortcode that prints out other pages' content and custom fields. It can be used by users with a role as low as Contributor to perform Cross-Site Scripting attacks by storing the payload/s in another post's custom fields.

Proof of Concept

- Create a page A
- Add a custom field containing JS in Page A
- Create page B
- add shortcode to page B: [insert page="page_A_slug" display="all"]

Affects Plugins

insert-pages
Fixed in version 3.7.0

References

CVE
CVE-2021-24850

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Francesco Carlucci

Submitter

Francesco Carlucci

Submitter website
https://carluc.ci
Submitter twitter
francecarlucci
Verified

Yes

WPVDB ID
2d6f9be0-b9fd-48e5-bd68-94eeb3822c0a

Timeline

Publicly Published

2021-10-18 (about 7 months ago)

Added

2021-10-18 (about 7 months ago)

Last Updated

2022-04-16 (about 1 months ago)

Our Other Services

WPScan WordPress Security Plugin