Multiple Plugins – Cross-Site Scripting From Third-party Library | CVE 2023-1119 | Plugin Vulnerabilities

Description

The plugins use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability.

Proof of Concept

WP-Optimize - Reflected Cross-Site Scripting

1. Go to the plugin settings and in the "Images" section check the box "Create WebP version of image".
2. Visit the page: /?s=<script>alert(/XSS/)</script>

SrbTransLatin - Contributor+ Stored Cross-Site Scripting

1. Create a post and add the following content: <script>alert(/XSS/)</script>
2. Load the post on the frontend, and see the XSS alert.

Affects Plugins

Fixed in 3.2.13

Fixed in 2.4.1

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Paolo Elia

Submitter

Paolo Elia

Verified

Yes

WPVDB ID

2e78735a-a7fc-41fe-8284-45bf451eff06

Timeline

Publicly Published

2023-06-19 (about 1 years ago)

Added

2023-06-19 (about 1 years ago)

Last Updated

2023-08-14 (about 10 months ago)

Other

Published

Title

Published

2018-12-13

Title

WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)

Published

2023-03-29

Title

Mega Main Menu <= 2.2.2 - Admin+ Stored XSS

Published

2022-05-02

Title

WP Meta SEO < 4.4.7 - Admin+ Stored Cross-Site Scripting via breadcrumbs

Published

2021-08-13

Title

Add Sidebar <= 2.0.0 - Reflected Cross-Site Scripting

Published

2015-05-06

Title

Facebook Page Photo Gallery <= 2.0.9 - DOM Cross-Site Scripting (XSS)