MDx < 2.0.4 – Authenticated (Contributor+) Stored Cross-Site Scripting via mdx_list_item Shortcode | CVE 2024-6639 | Theme Vulnerabilities

Description

The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdx_list_item' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Affects Themes

Fixed in 2.0.4

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/23ae17a6-a745-42c4-8627-ad1c41b66e0e

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Carson Chan

Verified

No

WPVDB ID

53b06b4a-258d-41ae-a722-382e07d5bb10

Timeline

Publicly Published

2024-08-09 (about 1 year ago)

Added

2024-08-09 (about 1 year ago)

Last Updated

2024-08-12 (about 1 year ago)

Other

Published

Title

Published

2023-12-26

Title

HT Mega < 2.3.9 - Reflected Cross-Site Scripting

Published

2021-09-15

Title

Dflip Lite < 1.7.10 - Contributor+ Stored Cross-Site Scripting

Published

2024-11-04

Title

Loginplus <= 1.2 - Unauthenticated Stored Cross-Site Scripting

Published

2024-09-30

Title

123.chat - Video Chat <= 1.3.1 - Unauthenticated Stored Cross-Site Scripting

Published

2024-10-24

Title

Shoutcast Icecast HTML5 Radio Player <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting