WordPress Plugin Vulnerabilities
ActivityPub for WordPress < 1.0.1 - Contributor+ Stored XSS
Description
The plugin does not sanitize and escape some data from post content, which could allow contributor and above role to perform Stored Cross-Site Scripting attacks
Proof of Concept
As a contributor, create or edit a post with the payload below while in code editor mode <img src="404" id="!#!#PROTECT0#!#!"/><pre class=" onerror=alert(document.domain) ">xyz</pre> The XSS will be triggered when viewing/previewing the post
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Ben Bidner
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-09-25 (about 7 months ago)
Added
2023-09-25 (about 7 months ago)
Last Updated
2023-09-25 (about 7 months ago)