WordPress Plugin Vulnerabilities

Data Tables Generator by Supsystic < 1.10.1 - Authenticated Stored Cross-Site Scripting (XSS)

Description

The "Editor" tab under the "Tables" section is vulnerable to stored XSS. It is possible to store XSS in all input fields as the code does not sanitise any of the user input.

Proof of Concept

Open a Table, go to the editor and enter a payload below in a cell, then save the Table

<= 1.9.99 - <img src onerror=alert(/XSS/)>
<= 1.10.0 - <svg><animate onbegin=alert(/XSS/) attributeName=x dur=1s>

Affects Plugins

Plugin icon
data-tables-generator-by-supsystic
Fixed in 1.10.1

References

Exploitdb
49543

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
5.5 (medium)

Miscellaneous

Original Researcher
Erik David Martin
Verified
Yes
WPVDB ID
56e6afec-e337-432e-a879-99f46547c241

Timeline

Publicly Published
2021-02-08 (about 2 years ago)
Added
2021-02-08 (about 2 years ago)
Last Updated
2021-02-10 (about 2 years ago)

Other

Published
Title
Published
2014-08-01
Title
Events Manager 5.3.3 - Multiple Cross-Site Scripting (XSS)
Published
2021-09-28
Title
Restaurant Menu by MotoPress < 2.4.2 - Admin+ Stored Cross Site Scripting
Published
2015-05-14
Title
Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scripting (XSS)
Published
2014-08-01
Title
scarlet <= 1.1.3 - XSS in ZeroClipboard.swf
Published
2021-03-28
Title
Advanced Booking Calendar < 1.6.7 - Authenticated Reflected Cross-Site Scripting (XSS)