WordPress Plugin Vulnerabilities

WP Home Page Menu < 3.1 - Admin+ Stored Cross-Site Scripting

Description

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

Proof of Concept

Put the following payload in any of text field settings of the plugin (such as 'Home Page Menu Label'): "><svg onload=alert(/XSS/)>

Affects Plugins

wp-home-page-menu

Fixed in version 3.1

References

CVE

CVE-2022-0684

URL

https://plugins.trac.wordpress.org/changeset/2681478

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

fuzzyap1

Submitter

fuzzyap1

Verified

Yes

WPVDB ID

69b178f3-5951-4879-9bbe-183951d002ec

Timeline

Publicly Published

2022-02-21 (about 4 months ago)

Added

2022-02-21 (about 4 months ago)

Last Updated

2022-04-12 (about 2 months ago)

Our Other Services

WPScan WordPress Security Plugin