WordPress Plugin Vulnerabilities
WP Inventory Manager < 2.1.0.12 - Reflected XSS
Description
The plugin does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators.
Proof of Concept
On a page where the [wpinventory] shortcode is embed, append the following payload: message=<script>alert(/XSS/)</script> For example: https://example.com/inventory?message=<script>alert(/XSS/)</script>
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Maurice Fielenbach
Submitter
Maurice Fielenbach
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-04-12 (about 1 years ago)
Added
2023-04-12 (about 1 years ago)
Last Updated
2023-04-12 (about 1 years ago)