Themes Vulnerabilities

Listeo < 1.6.11 - Multiple XSS & XFS vulnerabilities

Description

The theme did not properly sanitise some parameters in its Search, Booking Confirmation and Personal Message pages, leading to Cross-Site Scripting issues

- Unauthenticated Reflected XSS | Search query, vulnerable parameter(s): keyword_search and location_search

- Authenticated Persistent XSS & XFS | Booking confirmation, vulnerable parameter(s): firstname, lastname, email, phone and message

- Authenticated Persistent XSS & XFS | Personal messages: action=listeo_send_message&recipient=&referral=author_archive&message=

Proof of Concept

Affects Themes

listeo
Fixed in 1.6.11

References

CVE
CVE-2021-24317
URL
https://m0ze.ru/vulnerability/%5B2021-02-10%5D-%5BWordPress%5D-%5BCWE-79%5D-Listeo-WordPress-Theme-v1.6.10.txt

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
m0ze
Submitter
m0ze
Submitter website
https://m0ze.ru
Submitter twitter
vladm0ze
Verified
No
WPVDB ID
704d8886-df9e-4217-88d1-a72a71924174

Timeline

Publicly Published
2021-05-16 (about 4 years ago)
Added
2021-05-16 (about 4 years ago)
Last Updated
2021-05-17 (about 4 years ago)

Other

Published
Title
Published
2024-08-26
Title
140+ Widgets | Xpro Addons For Elementor – FREE < 1.4.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Grid Widget
Published
2025-01-17
Title
Jet Engine < 3.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via list_tag Parameter
Published
2024-11-19
Title
Getwid – Gutenberg Blocks < 2.0.13 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-01-16
Title
Ui Slider Filter By Price <= 1.1 - Reflected Cross-Site Scripting
Published
2022-06-20
Title
WooCommerce PDF Invoices & Packing Slips < 2.16.0 - Reflected Cross-Site Scripting