WordPress Plugin Vulnerabilities

Ivory Search < 4.8 - Contributor+ Stored Cross-Site Scripting

Description

The plugin dos not escape the id argument of its shortcode, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks

Proof of Concept

Affects Plugins

Plugin icon
add-search-to-menu
Fixed in 4.8

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.8 (medium)

Miscellaneous

Verified
Yes
WPVDB ID
8eb624d0-4d43-4c25-86b7-41ff5d595bb8

Timeline

Publicly Published
2021-11-02 (about 4 years ago)
Added
2022-01-03 (about 4 years ago)
Last Updated
2022-01-03 (about 4 years ago)

Other

Published
Title
Published
2014-08-01
Title
platinum_seo_pack.php - s Parameter Reflected XSS
Published
2020-08-31
Title
Recall Products <= 0.8 - Authenticated Cross-Site Scripting
Published
2024-11-21
Title
LearnPress < 4.2.7.2 - Admin+ Stored XSS
Published
2026-04-03
Title
Xpro Addons — 140+ Widgets for Elementor < 1.4.21 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2015-06-25
Title
WordPress Landing Pages <= 1.8.7 - Unspecified Cross-Site Scripting (XSS)