WordPress Plugin Vulnerabilities
Simple Share Buttons Adder <= 6.0.0 - Reflected Cross-Site Scripting (XSS)
Description
A reflected XSS in "Simple Share Buttons Adder" before version 6.0.1 lead to a reflected cross-site scripting vulnerability on all pages where the "Simple Share Buttons Adder" was added (usually all blog posts).
Exploitation required that the browser did not encode the parameters sent to the server. Most prominently this thus affects Internet Explorer but is not exploitable on recent versions of Chrome or Firefox.
Proof of Concept
curl "http://output.com/index.php/2015/06/02/hello-world/?<script>alert(1)</script>" will result in: <a class="ssba_google_share" href="https://plus.google.com/share?url=http://output.com/2015/06/02/hello-world?<script>alert(1)</script>" Patch in ssba_current_url can be found at https://plugins.trac.wordpress.org/changeset/1172761/simple-share-buttons-adder/trunk
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Submitter
Lukas Reschke
Submitter website
Verified
No
WPVDB ID
Timeline
Publicly Published
2015-06-02 (about 8 years ago)
Added
2015-06-02 (about 8 years ago)
Last Updated
2020-09-22 (about 3 years ago)