WordPress Plugin Vulnerabilities
CoolClock < 4.3.5 - Contributor+ Stored Cross-Site Scripting
Description
The plugin does not escape some shortcode attributes, allowing users with a role as low as Contributor toperform Stored Cross-Site Scripting attacks
Proof of Concept
As a user with a role as low as contributor, put the following shortcode in a post/page and view/preview it to trigger the XSS (which is specific to the TwentyTwentuOne theme but could be changed) [coolclock fontcolor='orange" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alert(origin)//']
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
apple502j
Submitter
apple502j
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-08-30 (about 2 years ago)
Added
2021-08-30 (about 2 years ago)
Last Updated
2022-04-11 (about 2 years ago)