WordPress Plugin Vulnerabilities

Site Reviews < 5.13.1 - Admin+ Stored XSS

Description

The plugin does not sanitise some of its Review Details when adding a review as an admin, which could allow them to perform Cross-Site Scripting attacks when the unfiltered_html is disallowed

Proof of Concept

As an admin, create a review via the Admin dashboard (/wp-admin/post-new.php?post_type=site-review) and add the following payload in the Name/IP Address fields of the Review Details section: <script>alert(/XSS/)</script>

The XSS will be triggered when viewing the Reviews list table in the admin dashboard

Affects Plugins

Plugin icon
site-reviews
Fixed in 5.13.1

References

CVE
CVE-2021-24603
URL
https://www.hackpertise.com/cve/9-cve-2021-24603/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
3.4 (low)

Miscellaneous

Original Researcher
Asif Nawaz Minhas
Submitter
Asif Nawaz Minhas
Verified
Yes
WPVDB ID
72aea0e5-1fa7-4827-a173-59982202d323

Timeline

Publicly Published
2021-08-09 (about 2 years ago)
Added
2021-08-09 (about 2 years ago)
Last Updated
2023-04-12 (about 1 years ago)

Other

Published
Title
Published
2017-10-11
Title
Qards - Stored Cross-Site Scripting (XSS)
Published
2014-12-16
Title
Better Search < 1.3.5 - Reflected Cross-Site Scripting (XSS)
Published
2023-03-20
Title
Simple Giveaways < 2.45.1 - Admin+ Stored XSS
Published
2018-10-31
Title
Multi Step Form <= 1.2.5 - Cross-Site Scripting (XSS)
Published
2021-07-30
Title
Nifty Newsletters <= 4.0.23 - CSRF to Stored XSS