WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Data Tables Generator by Supsystic < 1.10.20 - Admin+ Stored Cross-Site Scripting

Description

The plugin does not sanitise and escape some of its Table settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)

Proof of Concept

Create/edit a table, go to its settings, enabled the Signature (in Main Settings tab) and put the following payload in the Signature Text textarea: <svg/onload=alert(/XSS/)>

The XSS will be triggered in a page/post where the table is embed

Affects Plugins

data-tables-generator-by-supsystic
Fixed in version 1.10.20

References

CVE
CVE-2022-2114

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

iohex

Submitter

iohex

Submitter twitter
iohehe
Verified

Yes

WPVDB ID
59911ba4-fa06-498a-9e7c-0c337cce691c

Timeline

Publicly Published

2022-06-22 (about 9 months ago)

Added

2022-06-22 (about 9 months ago)

Last Updated

2022-06-22 (about 9 months ago)

Our Other Services

WPScan WordPress Security Plugin