WordPress Plugin Vulnerabilities

WP Statistics < 12.0.9 - Authenticated Reflected Cross-Site Scripting (XSS)

Description

Version 12.0.8.1 and below of the WP Statistics WordPress Plugin was found to be vulnerable to Authenticated Reflected Cross-Site Scripting (XSS). The 'ip' GET parameter on the 'wps_visitors_page' page is output to a page without first being validated, sanitised or output encoded. This leads to Authenticated Reflected Cross-Site Scripting (XSS), which could allow attackers to compromise a WordPress application by tricking an authenticated administrator user into clicking on a specially crafted link.

Please note that other potential instances of Authenticated XSS were identified, however, were protected by Cross-Site Request Forgery (CSRF) nonces.

This issue was patched within hours by the vendor in version 12.0.9.

Proof of Concept

Affects Plugins

Plugin icon
wp-statistics
Fixed in 12.0.9

References

URL
https://github.com/wp-statistics/wp-statistics/commit/82d06cd069fd9ce0a5d2fedaf1885423d67a1c25

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
Yes
WPVDB ID
588d0b7d-a769-4697-b76f-59f8930596a8

Timeline

Publicly Published
2017-07-03 (about 8 years ago)
Added
2017-07-03 (about 8 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2023-01-24
Title
Youzify < 1.2.2 - Contributor+ Stored XSS
Published
2019-09-05
Title
WordPress 5.2.2 - Cross-Site Scripting (XSS) in Stored Comments
Published
2025-01-24
Title
Auction Nudge – Your eBay on Your Site < 7.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2025-03-19
Title
Zielke Design Project Gallery <= 2.5.0 - Reflected Cross-Site Scripting
Published
2015-07-28
Title
Flickr Justified Gallery < 3.4.0 - Reflected Cross-Site Scripting (XSS)