WordPress Plugin Vulnerabilities
WP-Lister Lite for Amazon < 2.4.4 - Reflected XSS
Description
The plugin does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high-privilege users such as admin.
Proof of Concept
1. Install and activate WooCommerce (dependency, no setup required) 2. Install and activate the vulnerable plugin (wp-lister-for-amazon 2.4.2) Make a logged-in admin and open the following URL: https://example.com/wp-admin/admin.php?page=wpla-settings&tab=accounts&spapi_oauth_code=x&selling_partner_id=xxx"><script>alert(`xss`)</script>
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
cydave
Submitter
cydave
Submitter website
Submitter twitter
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-12-09 (about 1 years ago)
Added
2022-12-09 (about 1 years ago)
Last Updated
2022-12-09 (about 1 years ago)