WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Photo Gallery by 10web < 1.5.69 - Reflected Cross-Site Scripting (XSS)

Description

The plugin did not properly sanitise the bwg_search_X GET parameter, available in a frontend gallery when the Show Search Box setting is enabled (disabled by default), leading to a reflected Cross-Site Scripting issue

Proof of Concept

Append the below payload in a page with an embedded gallery and the Show Search Box setting enabled (in Global Settings > Gallery Views)

?bwg_search_0=" onfocus="alert(/XSS/)

Affects Plugins

photo-gallery
Fixed in version 1.5.69

References

URL
https://plugins.trac.wordpress.org/changeset/2476338

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter

WPScanTeam

Verified

Yes

WPVDB ID
6e5f0e04-36c0-4fb6-8194-fe32c15cb3b5

Timeline

Publicly Published

2021-02-23 (about 2 years ago)

Added

2021-02-23 (about 2 years ago)

Last Updated

2021-02-23 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin