WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

CDI < 5.1.9 - Reflected Cross-Site-Scripting

Description

The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting

Proof of Concept

https://example.com/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(`xss`)%3C/script%3E

Note: PHP must be configured with --enable-soap as the plugin appears to import 'SoapClient', which when not found produces an error while installing the plugin.

Affects Plugins

collect-and-deliver-interface-for-woocommerce
Fixed in version 5.1.9

References

CVE
CVE-2022-1933

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

cydave

Submitter

cydave

Submitter website
https://cyllective.com/
Submitter twitter
cyllective
Verified

Yes

WPVDB ID
6cedb27f-6140-4cba-836f-63de98e521bf

Timeline

Publicly Published

2022-06-21 (about 9 months ago)

Added

2022-06-21 (about 9 months ago)

Last Updated

2023-03-26 (about 2 days ago)

Our Other Services

WPScan WordPress Security Plugin