WordPress Plugin Vulnerabilities
Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting
Description
The plugin adds a shortcode that prints out other pages' content and custom fields. It can be used by users with a role as low as Contributor to perform Cross-Site Scripting attacks by storing the payload/s in another post's custom fields.
Proof of Concept
- Create a page A - Add a custom field containing JS in Page A - Create page B - add shortcode to page B: [insert page="page_A_slug" display="all"]
Affects Plugins
Fixed in version 3.7.0
References
Classification
Miscellaneous
Original Researcher
Francesco Carlucci
Submitter
Francesco Carlucci
Submitter website
Submitter twitter
Verified
Yes
Timeline
Publicly Published
2021-10-18 (about 11 months ago)
Added
2021-10-18 (about 11 months ago)
Last Updated
2022-04-16 (about 5 months ago)