WordPress Plugin Vulnerabilities

Login with phone number < 1.3.8 - Multiple Admin+ Stored XSS

Description

The plugin does not sanitise and escape plugin settings which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Proof of Concept

Affects Plugins

Plugin icon
login-with-phone-number
Fixed in 1.3.8

References

CVE
CVE-2022-0598

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
3.4 (low)

Miscellaneous

Original Researcher
Michal Lipinski
Submitter
Michal Lipinski
Submitter website
https://beastiecode.com
Verified
Yes
WPVDB ID
4688d39e-ac9b-47f5-a4c1-f9548b63c68c

Timeline

Publicly Published
2022-07-05 (about 3 years ago)
Added
2022-07-05 (about 3 years ago)
Last Updated
2023-04-08 (about 2 years ago)

Other

Published
Title
Published
2015-04-20
Title
Jetpack 3.0-3.4.2 - Cross-Site Scripting (XSS)
Published
2021-06-28
Title
Post Grid < 2.1.8 - Reflected Cross-Site Scripting (XSS)
Published
2023-02-14
Title
WP Prayer < 1.9.7 - Admin+ Stored XSS
Published
2019-05-15
Title
Give < 2.4.7 - Stored XSS
Published
2021-07-14
Title
Current Book <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS)