WordPress Plugin Vulnerabilities
WP Word Count < 3.2.4 - Admin+ Stored Cross-Site Scripting
Description
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Proof of Concept
Put the following payload in the "Before Label" or "After Label" settings of the plugin (Word Count > Reading Time)and save : "autofocus onfocus=alert(/XSS/)//
Affects Plugins
Fixed in version 3.2.4
References
Classification
Miscellaneous
Timeline
Publicly Published
2022-10-06 (about 11 months ago)
Added
2022-10-06 (about 11 months ago)
Last Updated
2023-04-18 (about 5 months ago)