logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

You Shang <= 1.0.1 - Authenticated Stored Cross-Site Scripting

Description

The plugin does not escape its qrcode links settings, which result into Stored Cross-Site Scripting issues in frontend posts and the plugins settings page depending on the payload used

Proof of Concept

Put the following payload in the wechat_qrcode settings of the plugin: http://127.0.0.1/"onerror=alert(/XSS/)// and the XSS will be triggered in all frontend posts

The following payload could also be used to only trigger in the plugin's settings page: " style=animation-name:rotation onanimationstart=alert(/XSS/)//

Affects Plugins

you-shang

No known fix - plugin closed

References

CVE

CVE-2021-24597

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

[email protected] inc

Submitter

[email protected] inc

Verified

Yes

WPVDB ID

37554d0e-68e2-4df9-8c59-65f5cd7f184e

Timeline

Publicly Published

2021-07-30 (about 5 months ago)

Added

2021-08-19 (about 5 months ago)

Last Updated

2021-08-19 (about 5 months ago)

Our Other Services

WPScan WordPress Security Plugin