WordPress Plugin Vulnerabilities

WP Best Quiz <= 1.0 - Author+ Stored XSS

Description

The plugin does not sanitize and escape some parameters, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks.

Proof of Concept

1. Go to Quiz » Add Categories.
2. Inset a category with the payload as name: <script>alert(1)</script>.
3. The XSS will be trigged when accessing the Add Categories dashboard again.

Affects Plugins

Plugin icon
wp-best-quiz
No known fix

References

CVE
CVE-2022-3739

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
4.1 (medium)

Miscellaneous

Original Researcher
Alpaca
Submitter
Alpaca
Submitter website
https://blog.a-mao.com
Submitter twitter
marrlinsh
Verified
Yes
WPVDB ID
b9f39ced-1e0f-4559-b861-39ddcbcd1249

Timeline

Publicly Published
2022-10-28 (about 1 years ago)
Added
2022-10-28 (about 1 years ago)
Last Updated
2022-10-28 (about 1 years ago)

Other

Published
Title
Published
2014-08-01
Title
Count per Day 3.2.5 - counter.php HTTP Referer Header XSS
Published
2021-04-15
Title
Clever Addons for Elementor < 2.1.0 - Contributor+ Stored XSS
Published
2022-02-01
Title
Cost Calculator < 1.6 - Contributor+ Stored Cross-Site Scripting
Published
2024-01-08
Title
Beds24 Online Booking < 2.0.25 - Contributor+ Stored XSS
Published
2021-08-26
Title
PostX Gutenberg Blocks Saved Templates Addon < 2.4.10 - Contributor+ Stored Cross-Site Scripting