WordPress Plugin Vulnerabilities

InventoryPress <= 1.7 - Author+ Stored XSS

Description

The plugin does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.

Proof of Concept

1. Create a "New Inventory Item"
2. In the "Description" field, add the value `"><script>alert("xss")</script>`
3. Edit the created item and see the XSS.

Affects Plugins

Plugin icon
inventorypress
No known fix

References

CVE
CVE-2023-2579
URL
https://github.com/daniloalbuqrque/poc-cve-xss-inventory-press-plugin

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.8 (medium)

Miscellaneous

Original Researcher
daniloalbuqrque
Submitter
daniloalbuqrque
Submitter website
https://github.com/daniloalbuqrque
Verified
Yes
WPVDB ID
3cfcb8cc-9c4f-409c-934f-9f3f043de6fe

Timeline

Publicly Published
2023-06-23 (about 10 months ago)
Added
2023-06-23 (about 10 months ago)
Last Updated
2023-06-23 (about 10 months ago)

Other

Published
Title
Published
2023-03-16
Title
WP Tiles <= 1.1.2 - Contributor+ Stored XSS
Published
2019-05-13
Title
Photo Gallery by 10Web <= 1.5.22 - Authenticated XSS
Published
2022-09-27
Title
Forym <= 1.5.8 - Reflected Cross-Site Scripting
Published
2017-08-21
Title
Liveforms < 3.4.0 - XSS
Published
2023-09-13
Title
Awesome Weather Widget for WordPress <= 3.0.2 - Contributor+ Stored XSS