Blog2Social < 7.2.1 – Reflected XSS | CVE 2023-3936 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Proof of Concept

Make a logged in admin open the URL below

https://example.com/wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img src onerror=alert(/XSS/)>

Affects Plugins

Fixed in 7.2.1

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Erwan LR (WPScan)

Submitter

Erwan LR (WPScan)

Verified

Yes

WPVDB ID

6d09a5d3-046d-47ef-86b4-c024ea09dc0f

Timeline

Publicly Published

2023-07-31 (about 9 months ago)

Added

2023-07-31 (about 9 months ago)

Last Updated

2023-07-31 (about 9 months ago)

Other

Published

Title

Published

2017-02-24

Title

GD Rating System < 2.1 - XSS

Published

2023-11-14

Title

eCommerce Product Catalog for WordPress < 3.3.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Published

2024-04-08

Title

Forminator < 1.29.3 - Contributor+ Stored Cross-Site Scripting via forminator_form Shortcode

Published

2021-07-31

Title

WP Dialog <= 1.2.5.5 - Authenticated Stored Cross-Site Scripting

Published

2022-10-12

Title

3com Asesor de Cookies <= 3.4.3 - Admin+ Stored XSS