logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting

Description

The plugin adds a shortcode that prints out other pages' content and custom fields. It can be used by users with a role as low as Contributor to perform Cross-Site Scripting attacks by storing the payload/s in another post's custom fields.

Proof of Concept

- Create a page A
- Add a custom field containing JS in Page A
- Create page B
- add shortcode to page B: [insert page="page_A_slug" display="all"]

Affects Plugins

insert-pages

Fixed in version 3.7.0

References

CVE

CVE-2021-24850

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

Francesco Carlucci

Submitter

Francesco Carlucci

Submitter website

https://carluc.ci

Submitter twitter

francecarlucci

Verified

Yes

WPVDB ID

2d6f9be0-b9fd-48e5-bd68-94eeb3822c0a

Timeline

Publicly Published

2021-10-18 (about 1 months ago)

Added

2021-10-18 (about 1 months ago)

Last Updated

2021-10-18 (about 1 months ago)

Our Other Services

WPScan WordPress Security Plugin