WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WP RSS Aggregator < 4.19.2 - Admin+ Stored Cross-Site Scripting

Description

The plugin does not properly sanitise and escape the URL to Blacklist field, allowing malicious HTML to be inserted by high privilege users even when the unfiltered_html capability is disallowed, which could lead to Cross-Site Scripting issues.

Proof of Concept

Add an URL to Blacklist (RSS Aggregator > Tools > Blacklist) with the following payload int he "URL to blacklist" field: <img/src/onerror=alert(/XSS/)>

Affects Plugins

wp-rss-aggregator
Fixed in version 4.20

References

CVE
CVE-2021-24768

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Huy Nguyen

Submitter

Huy Nguyen

Submitter website
https://www.linkedin.com/in/id-laladee/
Verified

Yes

WPVDB ID
3673e13f-7ce6-4d72-b179-ae4bab55514c

Timeline

Publicly Published

2021-11-01 (about 10 months ago)

Added

2021-11-01 (about 10 months ago)

Last Updated

2022-04-09 (about 5 months ago)

Our Other Services

WPScan WordPress Security Plugin