WordPress Plugin Vulnerabilities

Multiple Plugins from AYS Pro - Reflected Cross-Site Scripting (XSS)

Description

The plugins did not properly sanitise and escape some GET parameters before outputting them back in attributes, leading to reflected Cross-Site Scripting issues which will be executed in the context of a logged in administrator

Proof of Concept

Affects Plugins

Plugin icon
ays-slider
Fixed in 2.5.0
Plugin icon
gallery-photo-gallery
Fixed in 4.4.4
Plugin icon
ays-facebook-popup-likebox
Fixed in 3.5.3
Plugin icon
survey-maker
Fixed in 1.5.6
Plugin icon
ays-popup-box
Fixed in 2.3.4
Plugin icon
portfolio-responsive-gallery
Fixed in 1.1.8

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
7.1 (high)

Miscellaneous

Original Researcher
WPScanTeam
Verified
Yes
WPVDB ID
bd2e0643-c83b-4ca6-9332-66e4c49252ba

Timeline

Publicly Published
2021-06-29 (about 4 years ago)
Added
2021-06-29 (about 4 years ago)
Last Updated
2021-06-29 (about 4 years ago)

Other

Published
Title
Published
2023-02-23
Title
VK All in One Expansion Unit < 9.87.1.0 - Reflected XSS
Published
2019-07-03
Title
Simple Mail Address Encoder < 1.7 - Reflected Authenticated XSS
Published
2014-08-01
Title
Flashlight - Unspecified XSS
Published
2025-03-11
Title
pipDisqus < 1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2024-06-28
Title
Cards for Beaver Builder < 1.1.5 - Authenticated (Editor+) Stored Cross-Site Scripting