Computer Repair Shop < 2.0 – Authenticated Stored XSS | Plugin Vulnerabilities

Description

Computer Repair Shop is vulnerable to stored XSS. When a user has admin capabilities, malicious code can be submitted through the plugin's options. Fixed in version 2.0.

Proof of Concept

The plugin's options provided a basic HTML validation, which could be bypassed by copying + pasting malicious code into the text-field. The last character would be stripped from the code. After posting, malicious code could be executed by the browser. 

Proof of concept video: https://youtu.be/qulQTOqAyL4

Affects Plugins

computer-repair-shop

Fixed in 2.0

References

URL

https://jrjmulder.nl/plugins/computer-repair-shop/

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

Miscellaneous

Original Researcher

Jeroen Mulder

Submitter

Jeroen Mulder

Submitter website

https://jrjmulder.nl

Verified

No

WPVDB ID

454cff38-a305-43ca-a25f-a83e6ab569c2

Timeline

Publicly Published

2020-01-13 (about 6 years ago)

Added

2020-01-13 (about 6 years ago)

Last Updated

2020-01-14 (about 6 years ago)

Other

Published

Title

Published

2021-06-28

Title

Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS)

Published

2021-11-08

Title

Bookly < 20.3.1 - Staff Member Stored Cross-Site Scripting

Published

2025-04-10

Title

iCal Feeds <= 1.5.3 - Reflected Cross-Site Scripting

Published

2024-03-25

Title

Woo Viet < 1.5.3 - Authenticated (Administrator+) Stored Cross-Site Scripting

Published

2015-02-23

Title

EZ Portfolio <= 1.0.1 - Multiple Cross-Site Scripting (XSS)