WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WP24 Domain Check < 1.6.3 - Authenticated Stored Cross-Site Scripting (XSS)

Description

The plugin version 1.6.2 and possibly below, was vulnerable to Stored Cross-Site Scripting (XSS) in the plugin's fieldnameDomain settings parameter.

The form did require a valid CSRF nonce, limiting the exploitability of the vulnerability.

Proof of Concept

In the plugin's advanced settings (wp-admin/options-general.php?page=wp24_domaincheck_settings&tab=advanced), put the following payload in the Domain fieldname input:
" onfocus=alert(/XSS/); autofocus=

Affects Plugins

wp24-domain-check
Fixed in version 1.6.3

References

ExploitDB
49377

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Mehmet Kelepce

Verified

No

WPVDB ID
4c4075de-c6e0-4130-8cad-a4ea5311f5ea

Timeline

Publicly Published

2021-01-06 (about 2 years ago)

Added

2021-01-11 (about 2 years ago)

Last Updated

2021-01-26 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin