Image Optimizer by 10web < 1.0.27 – Reflected Cross-Site Scripting | CVE 2023-2122 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape the iowd_tabs_active parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary javascript by clicking a link.

Proof of Concept

Make a logged in admin open https://example.com/wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3e%3cimg%20src%3da%20onerror%3dalert(1)%3ef0cmo

Affects Plugins

image-optimizer-wd

Fixed in 1.0.27

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Phạm Ngọc Khánh

Submitter

Phạm Ngọc Khánh

Verified

Yes

WPVDB ID

936fd93a-428d-4744-a4fc-c8da78dcbe78

Timeline

Publicly Published

2023-04-26 (about 1 years ago)

Added

2023-04-26 (about 1 years ago)

Last Updated

2023-04-26 (about 1 years ago)

Other

Published

Title

Published

2024-02-28

Title

Advanced iFrame < 2024.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2014-08-01

Title

WP Photo Album Plus < 4.8.12 - wp-photo-album-plus.php wppa-searchstring XSS

Published

2016-05-02

Title

bbPress <= 2.5.8 - Stored Cross-Site Scripting (XSS)

Published

2023-07-19

Title

Art Decoration Shortcode <= 1.5.6 - Contributor+ Stored XSS

Published

2023-09-25

Title

User Avatar - Reloaded < 1.2.2 - Contributor+ Stored XSS