WordPress Plugin Vulnerabilities

Display post meta, term meta, comment meta, and user meta <= 1.0.0 - Contributor+ Stored XSS

Description

The plugin does not validate and escape post metadata before outputting it back into the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins.

Affects Plugins

Plugin icon
display-metadata
No known fix

References

CVE
CVE-2023-1661
URL
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/display-metadata/display-post-meta-term-meta-comment-meta-and-user-meta-041-authenticatedcontributor-stored-cross-site-scripting

Miscellaneous

Original Researcher
Francesco Carlucci
Verified
No
WPVDB ID
3dc19178-840d-4dde-a4a3-873a072bd11e

Timeline

Publicly Published
2023-05-30 (about 3 years ago)
Added
2023-05-31 (about 3 years ago)
Last Updated
2025-01-09 (about 1 year ago)

Other

Published
Title
Published
2020-01-15
Title
Flamingo < 2.1.1 - CSV Injection
Published
2024-10-14
Title
Adding drop down roles in registration <= 1.1 - Unauthenticated Privilege Escalation
Published
2026-01-15
Title
Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit < 5.1.6 - Missing Authorization to Unauthenticated Rede Order Logs Deletion
Published
2014-08-01
Title
Awake 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion
Published
2025-01-29
Title
WooCommerce Wishlist < 1.8.8 - Unauthenticated Wishlist Disclosure via download_pdf_file Function