WordPress Plugin Vulnerabilities

OpenID Connect Generic Client 3.8.0-3.8.1 - Reflected Cross Site Scripting (XSS) via Login Error

Description

The plugin did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue. This issue does not require authentication and can be exploited with the default configuration.

Proof of Concept

https://example.com/wp-login.php?login-error=%3Cscript%3Ealert(0)%3C/script%3E

Affects Plugins

Plugin icon
daggerhart-openid-connect-generic
Fixed in 3.8.2

References

CVE
CVE-2021-24214
URL
https://plugins.trac.wordpress.org/changeset/2502620/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
Austin Bentley
Submitter
Austin Bentley
Submitter website
https://bentl.ee
Verified
Yes
WPVDB ID
31cf0dfb-4025-4898-a5f4-fc7115565a10

Timeline

Publicly Published
2021-04-07 (about 3 years ago)
Added
2021-04-07 (about 3 years ago)
Last Updated
2021-04-08 (about 3 years ago)

Other

Published
Title
Published
2023-06-05
Title
WP ERP < 1.12.4 - Reflected Cross-Site Scripting
Published
2021-03-26
Title
Vertical News Scroller < 1.17 - Authenticated Reflected Cross-Site Scripting (XSS)
Published
2021-10-28
Title
Hotel Listing < 1.3.3 - Authenticated Stored Cross-Site Scripting
Published
2023-05-10
Title
Brands for WooCommerce < 3.8.2 - Contributor+ Stored XSS
Published
2023-11-07
Title
Restrict Categories <= 2.6.4 - Reflected XSS