About Author Box < 1.0.2 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise and escape the Social Profiles field values before outputting them in attributes, which could allow user with a role as low as contributor to perform Cross-Site Scripting attacks.
Proof of Concept
With a role as low as Contributor, put the following payloads in one of the Social Profile fields in your profile (/wp-admin/profile.php):
- " style=animation-name:twentytwentyone-close-button-transition onanimationend=alert(/XSS/)//
The XSS will be triggered on posts published by the user and might require user interaction.