WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

You Shang <= 1.0.1 - Authenticated Stored Cross-Site Scripting

Description

The plugin does not escape its qrcode links settings, which result into Stored Cross-Site Scripting issues in frontend posts and the plugins settings page depending on the payload used

Proof of Concept

Put the following payload in the wechat_qrcode settings of the plugin: http://127.0.0.1/"onerror=alert(/XSS/)// and the XSS will be triggered in all frontend posts

The following payload could also be used to only trigger in the plugin's settings page: " style=animation-name:rotation onanimationstart=alert(/XSS/)//

Affects Plugins

you-shang
No known fix - plugin closed

References

CVE
CVE-2021-24597

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

[email protected] inc

Submitter

[email protected] inc

Verified

Yes

WPVDB ID
37554d0e-68e2-4df9-8c59-65f5cd7f184e

Timeline

Publicly Published

2021-07-30 (about 1 years ago)

Added

2021-08-19 (about 11 months ago)

Last Updated

2022-04-09 (about 4 months ago)

Our Other Services

WPScan WordPress Security Plugin