WordPress Plugin Vulnerabilities

GiveWP < 2.12.0 - Admin+ Stored XSS

Description

The plugin did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them.

Proof of Concept

Put the following payload in any Donation Level Text field of a Donation Form (ie /wp-admin/post.php?post=9&action=edit&give_tab=form_field_options#form_field_options): "onmouseover=alert(/XSS/)//

Then view a page/post with the embed Donation Form and move the mouse over the related Donation Level the payload was injected in to trigger the XSS

Affects Plugins

Plugin icon
give
Fixed in 2.12.0

References

CVE
CVE-2021-24524
URL
https://www.hackpertise.com/cve/5-cve-2021-24524/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
4.8 (medium)

Miscellaneous

Original Researcher
Asif Nawaz Minhas
Submitter
Asif Nawaz Minhas
Verified
Yes
WPVDB ID
5a4774ec-c0ee-4c6b-92a6-fa10821ec336

Timeline

Publicly Published
2021-07-26 (about 2 years ago)
Added
2021-07-26 (about 2 years ago)
Last Updated
2023-04-12 (about 1 years ago)

Other

Published
Title
Published
2023-01-24
Title
Markup <= 4.8.1 - Contributor+ Stored XSS via Shortcode
Published
2015-04-16
Title
FooBox Image Lightbox <= 1.0.4 - Cross-Site Scripting (XSS)
Published
2021-12-08
Title
Fathom Analytics < 3.0.5 - Admin+ Stored Cross-Site Scripting
Published
2022-05-16
Title
FiboSearch < 1.18.0 - Admin+ Stored Cross-Site Scripting
Published
2012-08-08
Title
Mini Mail Dashboard Widget 1.42 - Message Body XSS