WordPress Plugin Vulnerabilities
Cookie Bar < 1.8.9 - Admin+ Stored Cross-Site Scripting
Description
The plugin doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Proof of Concept
Add the following payload in the "Cookie Bar Message" setting of the plugin (/wp-admin/options-general.php?page=cookie-bar-settings): <img src onerror=alert(/XSS/)> Then access the frontend (with any user/unauthenticated user) to trigger the XSS
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
pang0lin@webray.com.cn inc
Submitter
pang0lin@webray.com.cn inc
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-09-22 (about 2 years ago)
Added
2021-09-22 (about 2 years ago)
Last Updated
2023-02-03 (about 1 years ago)