WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact
WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Social comments by WpDevArt < 2.5.0 - Admin+ Stored Cross-Site Scripting

Description

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed

Proof of Concept

Put the following payload in any of the plugin's text field settings (such as Title , Title font-size etc): "><svg onload=prompt(1)//

Then save and reload the settings to trigger the XSS. The XSS will also trigger in pages/posts where the plugin's shortcode is embed 

Affects Plugins

comments-from-facebook
Fixed in version 2.5.0

References

CVE
CVE-2022-0876

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Mika

Submitter

Mika

Submitter website
https://mikadmin.fr/
Submitter twitter
mika_sec
Verified

Yes

WPVDB ID
73be6e92-ea37-4416-977d-52ee2afa022a

Timeline

Publicly Published

2022-04-04 (about 3 months ago)

Added

2022-04-04 (about 3 months ago)

Last Updated

2022-04-09 (about 2 months ago)

Our Other Services

WPScan WordPress Security Plugin
WPScan

Vulnerabilities

WordPressPluginsThemesOur StatsSubmit vulnerabilities

About

How it worksPricingWordPress pluginNewsContact

For Developers

StatusAPI detailsCLI scanner

Other

PrivacyTerms of serviceDisclosure policy
jetpackIn partnership with Jetpack
githubtwitterfacebook
Angithubendeavor
Work With Us