WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Quizlord <= 2.0 - Admin+ Stored XSS

Description

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Proof of Concept

1. Go to Quizlord » Add a quiz
2. In the input field 'Title', add the payload - "><script>alert(/XSS/)</script>
3. Click the Save button to see the XSS alert.

Affects Plugins

quizlord
No known fix - plugin closed

References

CVE
CVE-2022-4112

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Machupalli Sree Pragna

Submitter

Machupalli Sree Pragna

Submitter website
https://www.linkedin.com/in/sreepragna/
Verified

Yes

WPVDB ID
4cbce79d-9b7a-41f5-9c52-08933ea7c28e

Timeline

Publicly Published

2022-11-19 (about 6 months ago)

Added

2022-11-24 (about 6 months ago)

Last Updated

2022-11-24 (about 6 months ago)

Our Other Services

WPScan WordPress Security Plugin