Limit Login Attempts Reloaded < 2.16.0 - Authenticated Reflected Cross-Site Scripting

Description

The plugin does not properly sanitise user input in its options page, which could allow attackers to perform XSS attacks against logged in administrator by making them open a malicious URL

The issue was partially fixed in 2.15.1, and fully remediated in 2.16.0

Proof of Concept

https://example.com/wp-admin/options-general.php?page=limit-login-attempts&tab=d7raf%22%3E%3Cscript%3Ealert(1)%3C/script%3E

Affects Plugins

limit-login-attempts-reloaded

Fixed in version 2.16.0✓

References

CVE

CVE-2020-35589

URL

https://n4nj0.github.io/advisories/wordpress-plugin-limit-login-attempts-reloaded/

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

n4nj0

Verified

Yes

WPVDB ID

6d30da09-df37-49be-bb46-0e0fec90850f

Timeline

Publicly Published

2020-12-14 (about 4 months ago)

Added

2020-12-21 (about 4 months ago)

Last Updated

2020-12-22 (about 4 months ago)

Our Other Services

WPScan WordPress Security Plugin