WordPress Plugin Vulnerabilities

LiteSpeed Cache < 3.6.1 - Authenticated Stored Cross-Site Scripting

Description

The plugin does not sanitise invalid IPs given in its Toolbox page before displaying them in an error message.

Proof of Concept

Submit a payload such as <img src onerror=alert(/XSS/)> in the Admin IPs section of the Toolbox (/wp-admin/admin.php?page=litespeed-toolbox)

Affects Plugins

Plugin icon
litespeed-cache
Fixed in 3.6.1

References

CVE
CVE-2020-29172
URL
https://plugins.trac.wordpress.org/changeset/2443924/litespeed-cache/trunk/src/admin-display.cls.php

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
3.3 (low)

Miscellaneous

Original Researcher
WonTae Jang
Verified
Yes
WPVDB ID
8ef35524-d996-4285-aca2-dc62e02c074d

Timeline

Publicly Published
2020-12-26 (about 3 years ago)
Added
2020-12-26 (about 3 years ago)
Last Updated
2020-12-28 (about 3 years ago)

Other

Published
Title
Published
2023-05-19
Title
Groundhogg < 2.7.10 - Contributor+ Stored XSS
Published
2019-07-04
Title
Appointment Booking Calendar < 1.3.19 - Unauthenticated Stored XSS
Published
2024-02-09
Title
Brooklyn <= 4.9.7.6 - Reflected Cross-Site Scripting
Published
2024-04-26
Title
Form Maker by 10Web < 1.15.25 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting
Published
2023-07-20
Title
Borderless < 1.4.9 - Admin+ Stored XSS