RSS Aggregator by Feedzy < 4.1.1 – Contributor+ Stored XSS | CVE 2022-4667 | Plugin Vulnerabilities

Description

The plugin does not validate and escape some of its block options before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.

Proof of Concept

1. Add the Feedzy RSS Feeds Block.

2. Then add the CSS Class to the Block: " onmouseover="alert(1)" style="background:red;"

3. Hover the mouse over the content displayed by the block in a page/post to trigger the payload.

Affects Plugins

feedzy-rss-feeds

Fixed in 4.1.1

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Lana Codes

Submitter

Lana Codes

Submitter website

https://lana.codes/

Submitter twitter

Verified

Yes

WPVDB ID

a388232b-a399-46a5-83e6-20c1b5df351d

Timeline

Publicly Published

2023-01-04 (about 1 years ago)

Added

2023-01-04 (about 1 years ago)

Last Updated

2023-01-04 (about 1 years ago)

Other

Published

Title

Published

2024-04-30

Title

ElementsKit Elementor addons 3.0.7 - 3.1.2 - Contributor+ Stored XSS

Published

2014-08-01

Title

Yahoo Updates < 1.0 - XSS vulnerabilities in yupdates_application.php

Published

2022-06-22

Title

Download Manager < 3.2.48 - Contributor+ Stored Cross-Site Scripting

Published

2019-05-16

Title

Toggle The Title <= 1.4 - XSS

Published

2016-10-10

Title

Simplified Content <= 1.0.0 - XSS