Loading Page with Loading Screen < 1.0.83 – Admin+ Stored Cross-Site Scripting | CVE 2022-2169 | Plugin Vulnerabilities

Description

The plugin does not escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Proof of Concept

Go to Settings -> Loading Page, in the "Display loading screen in" settings, select either "specific pages" or "specific post types" and ut the following payload in the related text field: "onmouseover=alert(/XSS/)//

Affects Plugins

Fixed in 1.0.83

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Nikhil Kapoor

Submitter

Nikhil Kapoor

Submitter website

https://www.linkedin.com/in/nikhil786/

Verified

Yes

WPVDB ID

a9f4aab7-b42b-4bb6-b05d-05407f935230

Timeline

Publicly Published

2022-06-23 (about 1 years ago)

Added

2022-06-23 (about 1 years ago)

Last Updated

2023-04-01 (about 1 years ago)

Other

Published

Title

Published

2022-03-21

Title

Image optimization & Lazy Load < 3.3.2 - Admin+ Stored Cross-Site Scripting

Published

2022-12-17

Title

Bg Bible References <= 3.8.14 - Reflected XSS

Published

2023-01-27

Title

bbPress Voting < 2.1.11.1 - Admin+ Stored XSS

Published

2020-12-18

Title

Simple Social Buttons < 3.2.1 - Unauthenticated Reflected Cross-Site Scripting

Published

2023-11-07

Title

ANAC XML Bandi di Gara <= 7.5 - Authenticated (Editor+) Stored Cross-Site Scripting