WordPress Plugin Vulnerabilities

GeoDirectory – WordPress Business Directory Plugin, or Classified Directory < 2.3.49 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'gd_single_tabs' Shortcode

Description

The GeoDirectory – WordPress Business Directory Plugin, or Classified Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gd_single_tabs' shortcode in all versions up to, and including, 2.3.48 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Affects Plugins

Plugin icon
geodirectory
Fixed in 2.3.49

References

CVE
CVE-2024-3732
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/5a91e786-f570-4c6c-b1c7-0110774cb808

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.4 (medium)

Miscellaneous

Original Researcher
Krzysztof Zając
Verified
No
WPVDB ID
91e0ee47-b5a6-4716-b98a-d6743ccb42c4

Timeline

Publicly Published
2024-04-22 (about 2 years ago)
Added
2024-04-22 (about 2 years ago)
Last Updated
2024-04-22 (about 2 years ago)

Other

Published
Title
Published
2023-04-16
Title
WPML Multilingual CMS < 4.6.1 - Reflected Cross-Site Scripting
Published
2024-07-04
Title
Beaver Builder < 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2015-08-11
Title
Display Widgets <= 2.03 - Authenticated Cross-Site Scripting (XSS)
Published
2024-02-21
Title
Elementor Addon Elements < 1.13 - Contributor+ Stored XSS
Published
2024-07-10
Title
Magical Posts Display – Elementor & Gutenberg Posts Blocks < 1.2.39 - Authenticated (Contributor+) Stored Cross-Site Scripting