WordPress Plugin Vulnerabilities
My Calendar < 3.4.24 - Authenticated Stored XSS
Description
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks (depending on the permissions set by the admin)
Proof of Concept
1. Use any type of role (as long as you permit it the action to Add Events). 2. Add a new event, and insert the following in the Excerpt field and in the Registration Information field: <script>alert(111)</script> 3. Edit the event using an Admin account, or browse it on the front end and the alert will trigger.
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
Miscellaneous
Submitter
cyc707
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2024-03-07 (about 2 months ago)
Added
2024-03-07 (about 2 months ago)
Last Updated
2024-03-07 (about 2 months ago)