The plugin did not properly check its CSRF nonce in the Font_Awesome_Field.save() method, which could allow attackers to make logged in users capable of editing posts change the Step Icon of arbitrary Process Steps. Due to the lack of sanitisation of the submitted Step icon value, it could also lead to a Stored XSS issue
Submit the request without the fa_field_icon_nonce to bypass the CSRF check For XSS, fa_field_icon=%22%3e%3cimg%20src%20onerror%3dalert(%2fXSS%2f)%3e
Jerome Bruandet (nintechnet.com)
WPScanTeam
Yes
2021-02-17 (about 1 years ago)
2021-02-17 (about 1 years ago)
2021-03-02 (about 1 years ago)