WordPress Plugin Vulnerabilities

WHMCS Bridge < 6.4b - Reflected Cross-Site Scripting (XSS)

Description

The plugin does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting

Proof of Concept

http://example.com/wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(1)%3E

Affects Plugins

Plugin icon
whmcs-bridge
Fixed in 6.4b

References

CVE
CVE-2021-25112
URL
https://plugins.trac.wordpress.org/changeset/2659751

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
Krzysztof Zając
Submitter
Krzysztof Zając
Submitter website
https://kazet.cc/
Verified
Yes
WPVDB ID
4aae2dd9-8d51-4633-91bc-ddb53ca3471c

Timeline

Publicly Published
2022-01-27 (about 2 years ago)
Added
2022-01-27 (about 2 years ago)
Last Updated
2022-04-16 (about 2 years ago)

Other

Published
Title
Published
2023-04-19
Title
ARMember < 4.0.2 - Reflected XSS
Published
2022-04-11
Title
Photo Gallery < 1.6.3 - Reflected Cross-Site Scripting
Published
2019-05-16
Title
Woocommerce Products Price Bulk Edit <= 2.0 - XSS
Published
2023-10-02
Title
Click To Tweet <= 2.0.14 - Reflected XSS
Published
2024-03-25
Title
Simple Buttons Creator <= 1.04 - Unauthenticated Stored XSS