WP phpMyAdmin < 5.2.0.4 – Admin+ Stored Cross-Site Scripting | CVE 2022-2407 | Plugin Vulnerabilities

Description

The plugin does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)

Proof of Concept

Put the following payload in the "phpMyAdmin on hosting" settings (/wp-admin/admin.php?page=wp-phpmyadmin-extension) of the plugin: "autofocus onfocus=alert(/XSS/)//

Affects Plugins

wp-phpmyadmin-extension

Fixed in 5.2.0.4

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Raad Haddad of Cloudyrion GmbH

Submitter

Raad Haddad of Cloudyrion GmbH

Submitter twitter

Verified

Yes

WPVDB ID

5be611e8-5b7a-4579-9757-45a4c94a53ca

Timeline

Publicly Published

2022-08-01 (about 1 years ago)

Added

2022-08-01 (about 1 years ago)

Last Updated

2023-05-01 (about 1 years ago)

Other

Published

Title

Published

2014-12-05

Title

Shariff for WordPress <= 1.0.7 - Stored Cross-Site Scripting (XSS)

Published

2014-08-01

Title

Social Sharing Toolkit 2.1.1 - Unspecified XSS

Published

2020-01-15

Title

ListingPro < 2.5.4 - Unauthenticated Reflected Cross-Site Scripting

Published

2022-01-03

Title

NextScripts: Social Networks Auto-Poster < 4.3.24 - Unauthenticated Stored XSS

Published

2022-01-17

Title

Magee Shortcodes < 2.0.9 - Reflected Cross-Site Scripting