logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

Photo Gallery by 10web < 1.5.69 - Reflected Cross-Site Scripting (XSS)

Description

The plugin did not properly sanitise the bwg_search_X GET parameter, available in a frontend gallery when the Show Search Box setting is enabled (disabled by default), leading to a reflected Cross-Site Scripting issue

Proof of Concept

Append the below payload in a page with an embedded gallery and the Show Search Box setting enabled (in Global Settings > Gallery Views)

?bwg_search_0=" onfocus="alert(/XSS/)

Affects Plugins

photo-gallery

Fixed in version 1.5.69

References

URL

https://plugins.trac.wordpress.org/changeset/2476338

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Submitter

WPScanTeam

Verified

Yes

WPVDB ID

6e5f0e04-36c0-4fb6-8194-fe32c15cb3b5

Timeline

Publicly Published

2021-02-23 (about 11 months ago)

Added

2021-02-23 (about 11 months ago)

Last Updated

2021-02-23 (about 11 months ago)

Our Other Services

WPScan WordPress Security Plugin