WordPress Plugin Vulnerabilities

BP Profile Shortcodes Extra < 2.5.3 - Contributor+ Stored XSS

Description

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

Affects Plugins

Plugin icon
bp-profile-shortcodes-extra
Fixed in 2.5.3

References

CVE
CVE-2023-47815
URL
https://patchstack.com/database/vulnerability/bp-profile-shortcodes-extra/wordpress-bp-profile-shortcodes-extra-plugin-2-5-2-cross-site-scripting-xss-vulnerability

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
5.9 (medium)

Miscellaneous

Original Researcher
Ngô Thiên An (ancorn_)
Verified
No
WPVDB ID
45f8850d-6c1f-45de-919d-27f7605d3e62

Timeline

Publicly Published
2023-11-15 (about 2 years ago)
Added
2023-11-23 (about 2 years ago)
Last Updated
2024-02-26 (about 2 years ago)

Other

Published
Title
Published
2024-03-25
Title
Locatoraid Store Locator < 3.9.31 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2024-12-02
Title
WP Mailster < 1.8.18.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2022-02-21
Title
SEO 301 Meta <= 1.9.1 - Admin+ Stored Cross-Site Scripting
Published
2014-04-28
Title
Keyword Strategy Internal Links <= 2.0 - XSS
Published
2023-07-12
Title
Variation Swatches for WooCommerce < 2.3.8 - Reflected Cross-Site Scripting