ThinkTwit < 1.7.1 – Authenticated Stored Cross-Site Scripting (XSS) | CVE 2021-24582 | Plugin Vulnerabilities

Description

The plugin did not sanitise or escape its "Consumer key" setting before outputting it its settings page, leading to a Stored Cross-Site Scripting issue.

Proof of Concept

Put the following payload in the "Consumer key" setting of the plugin (/wp-admin/options-general.php?page=thinktwit):
- v < 1.6.7 : "><script>alert(/XSS/)</script>
- v < 1.7.1 : " style=animation-name:rotation onanimationstart=alert(/XSS/)//

Affects Plugins

Fixed in 1.7.1

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Vinit Yashwantrao

Submitter

Vinit Yashwantrao

Verified

Yes

WPVDB ID

5a5293ed-ddcb-4a63-9420-09942e7d69c2

Timeline

Publicly Published

2021-08-18 (about 2 years ago)

Added

2021-08-18 (about 2 years ago)

Last Updated

2022-04-09 (about 2 years ago)

Other

Published

Title

Published

2024-03-18

Title

PowerPack Lite for Beaver Builder < 1.3.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via element link

Published

2020-08-17

Title

NextGEN Gallery Sell Photo <= 1.0.4 - Authenticated Stored Cross-Site Scripting

Published

2022-10-10

Title

Newspaper < 12 - Reflected Cross-Site Scripting

Published

2024-04-01

Title

Beaver Builder < 2.8.0.7 - Contributor+ Stored XSS

Published

2017-03-01

Title

Gwolle Guestbook <= 2.1.0 - Unauthenticated Stored Cross-Site Scripting (XSS)