WordPress Plugin Vulnerabilities
Simply Excerpts <= 1.4 - Admin+ Stored XSS
Description
The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfiltered_html capability is disallowed (for example in a multisite setup).
Proof of Concept
Put the following payload in the "Read more text" setting of the plugin and save: 1"><img src=1 onerror=alert(/xss/)>
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
niclo
Submitter
niclo
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-11-13 (about 6 months ago)
Added
2023-11-13 (about 6 months ago)
Last Updated
2023-11-13 (about 6 months ago)