WordPress Plugin Vulnerabilities

WP User < 7.0 - Reflected Cross-Site Scripting

Description

The plugin does not sanitise and escape some parameters in pages where the [wp_user] shortcode is used, leading to Reflected Cross-Site Scripting issues

Proof of Concept

Affects Plugins

Plugin icon
wp-user
Fixed in 7.0

References

CVE
CVE-2021-25034

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
Jeremie Amsellem
Submitter
Jeremie Amsellem
Submitter website
https://fenrir.pro
Submitter twitter
lp1eu
Verified
Yes
WPVDB ID
c4e50dd2-450f-413d-b15f-ece413e42157

Timeline

Publicly Published
2022-01-31 (about 3 years ago)
Added
2022-01-31 (about 3 years ago)
Last Updated
2022-04-12 (about 3 years ago)

Other

Published
Title
Published
2024-10-21
Title
WP-Members Membership Plugin < 3.4.9.6 - Reflected Cross-Site Scripting
Published
2023-11-24
Title
Video PopUp < 1.1.4 - Contributor+ Stored XSS via Shortcode
Published
2022-06-13
Title
Gallery < 2.0.0 - Reflected Cross-Site Scripting
Published
2025-07-01
Title
Magic Buttons for Elementor < 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via magic-button Shortcode
Published
2024-05-01
Title
IDonate < 2.0.0 - Admin+ Stored XSS