WordPress Plugin Vulnerabilities
Connections Business Directory < 10.4.3 - Admin+ Stored Cross-Site Scripting
Description
The plugin does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting when the unfiltered_html capability is disallowed.
Proof of Concept
Add an Entry (/wp-admin/admin.php?page=connections_add) and put the following payload in the Address Line fields: inval1d"><img src onerror=alert('xss')> The XSS will be triggered when accessing Manage page (/wp-admin/admin.php?page=connections_manage)
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Huy Nguyen
Submitter
Huy Nguyen
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-09-28 (about 2 years ago)
Added
2021-09-28 (about 2 years ago)
Last Updated
2022-04-08 (about 2 years ago)