WordPress Plugin Vulnerabilities

Upload File Type Settings <= 1.1 - Admin+ Stored XSS

Description

The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfiltered_html capability is disallowed (for example in a multisite setup).

Affects Plugins

Plugin icon
upload-file-type-settings-plugin
No known fix

References

CVE
CVE-2023-25781
URL
https://patchstack.com/database/vulnerability/upload-file-type-settings-plugin/wordpress-upload-file-type-settings-plugin-plugin-1-1-cross-site-scripting-xss

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
3.5 (low)

Miscellaneous

Original Researcher
Rio Darmawan
Verified
No
WPVDB ID
bbd2ffe8-caa7-49db-814b-9e236983f088

Timeline

Publicly Published
2023-02-15 (about 3 years ago)
Added
2023-05-29 (about 2 years ago)
Last Updated
2023-05-29 (about 2 years ago)

Other

Published
Title
Published
2024-06-18
Title
WP Recipe Maker < 9.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'group_tag'
Published
2022-12-27
Title
Rate my Post – WP Rating System < 3.3.9 - Contributor+ Stored XSS via Shortcode
Published
2024-11-22
Title
Chessgame Shizzle < 1.3.1 - Reflected Cross-Site Scripting
Published
2024-10-07
Title
Easy Mega Menu Plugin for WordPress – ThemeHunk < 1.1.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting
Published
2024-03-28
Title
Landing Page Builder < 1.5.1.8 - Authenticated (Editor+) Stored Cross-Site Scripting