The plugin does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
Create/edit a campaign (such as a Black Friday one), check the "Use Opt-in / Subscription / Lead capture form" settings and put the following payload in the "message_data[6130][form_header]" and "message_data[6130][form_footer]" fields: <img src onerror=alert(/XSS/)> The XSS will be triggered when viewing/previewing the campaign
Pritam Dash
Pritam Dash
Yes
2022-06-01 (about 1 years ago)
2022-06-01 (about 1 years ago)
2023-03-01 (about 6 months ago)