Social Slider Feed < 2.0.7 – Admin+ Stored XSS via Feeds | Plugin Vulnerabilities

Description

The plugin does not sanitise as well as escape user input in feeds, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Proof of Concept

Put the following payload in a (Instagram) Feed title, Hashtag or Block Users fields: "><svg/onload=alert(/XSS/)>

The XSS will be triggered when editing the feed again, as well as in the Feeds dashboard (/wp-admin/admin.php?page=feeds-wisw) in case of the Feed title

Affects Plugins

instagram-slider-widget

Fixed in 2.0.7

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

WPScan

Verified

Yes

WPVDB ID

b68fcbe0-c7a3-4c32-b192-f5622a347f20

Timeline

Publicly Published

2022-08-09 (about 3 years ago)

Added

2022-08-09 (about 3 years ago)

Last Updated

2022-08-09 (about 3 years ago)

Other

Published

Title

Published

2024-03-25

Title

Tutor LMS Elementor Addons < 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2023-02-20

Title

Protected Posts Logout Button < 1.4.6 - Admin+ Stored XSS

Published

2016-04-12

Title

Simpel Reserveren 3 <= 3.5.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Published

2014-08-01

Title

platinum_seo_pack.php - s Parameter Reflected XSS

Published

2024-01-29

Title

SEO Plugin by Squirrly SEO < 12.3.16 - Admin+ Stored XSS