WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Form Builder < 1.9.8.4 - Authenticated Stored Cross-Site Scripting

Description

The plugin does not sanitise or escape its Form Title, allowing high privilege users such as admin to set Cross-Site Scripting payload in them, even when the unfiltered_html capability is disallowed

Proof of Concept

Create a new Form via the plugin, go to Form Settings then add the following payload in the Title field: "><img src onerror=alert(1)> and save the form

The XSS will be triggered when viewing/editing the form in the admin dashboard

Affects Plugins

contact-form-add
Fixed in version 1.9.8.4

References

CVE
CVE-2021-24513

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Felipe Restrepo Rodriguez

Submitter

Felipe Restrepo Rodriguez

Submitter website
https://pfelilpe.com
Submitter twitter
Pfelilpe
Verified

Yes

WPVDB ID
a1dc0ea9-51dd-43c3-bfd9-c5106193aeb6

Timeline

Publicly Published

2021-08-09 (about 9 months ago)

Added

2021-08-09 (about 9 months ago)

Last Updated

2022-02-24 (about 2 months ago)

Our Other Services

WPScan WordPress Security Plugin