logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

WP24 Domain Check < 1.6.3 - Authenticated Stored Cross-Site Scripting (XSS)

Description

The plugin version 1.6.2 and possibly below, was vulnerable to Stored Cross-Site Scripting (XSS) in the plugin's fieldnameDomain settings parameter.

The form did require a valid CSRF nonce, limiting the exploitability of the vulnerability.

Proof of Concept

In the plugin's advanced settings (wp-admin/options-general.php?page=wp24_domaincheck_settings&tab=advanced), put the following payload in the Domain fieldname input:
" onfocus=alert(/XSS/); autofocus=

Affects Plugins

wp24-domain-check

Fixed in version 1.6.3

References

ExploitDB

49377

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

Mehmet Kelepce

Verified

No

WPVDB ID

4c4075de-c6e0-4130-8cad-a4ea5311f5ea

Timeline

Publicly Published

2021-01-06 (about 4 months ago)

Added

2021-01-11 (about 3 months ago)

Last Updated

2021-01-26 (about 3 months ago)

Our Other Services

WPScan WordPress Security Plugin