Bg Bible References <= 3.8.14 – Reflected XSS | CVE 2022-4374 | Plugin Vulnerabilities

Description

The plugin does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.

Proof of Concept

Steps to reproduce:

1. Install the vulnerable plugin (bg-biblie-references 3.18.4)
2. As an unauthenticated or authenticated user, visit the following URL which triggers an alert box:

http://127.0.0.1:7777/wp-admin/admin-ajax.php?action=bg_bibrefs&title=Gen&lang=en&type=x'><script>alert(`xss`)</script>

Affects Plugins

bg-biblie-references

No known fix

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

cydave

Submitter

cydave

Submitter website

https://cyllective.com/

Submitter twitter

Verified

Yes

WPVDB ID

bbaa808d-47b1-4c70-b157-f8297f627a07

Timeline

Publicly Published

2022-12-17 (about 3 years ago)

Added

2022-12-17 (about 3 years ago)

Last Updated

2022-12-17 (about 3 years ago)

Other

Published

Title

Published

2024-10-25

Title

Kata Plus < 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2023-10-12

Title

CPT Shortcode Generator <= 1.0 - Admin+ Stored XSS

Published

2023-02-21

Title

Smart Logo Showcase Lite <= 1.1.9 - Contributor+ Stored XSS

Published

2024-07-09

Title

ConeBlog – WordPress Blog Widgets < 1.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2019-02-05

Title

YOP Poll <= 6.0.2 - Cross-Site Scripting (XSS)