Project Status <= 1.6 – Reflected Cross-Site Scripting (XSS) | CVE 2021-24558 | Plugin Vulnerabilities

Description

The pspin_duplicate_post_save_as_new_post function of the plugin does not sanitise, validate or escape the post GET parameter passed to it before outputting it in an error message when the related post does not exist, leading to a reflected XSS issue

Proof of Concept

Open the below URL as any authenticated user

https://example.com/wp-admin/admin.php?action=pspin_duplicate_post_save_as_new_post_draft&post=%3Cscript%3Ealert(document.domain)%3C/script%3E

Affects Plugins

No known fix

References

CVE

URL

https://codevigilant.com/disclosure/2021/wp-plugin-project-status/

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Shreya Pohekar of Codevigilant Project

Verified

Yes

WPVDB ID

ca5f2152-fcfd-492d-a552-f9604011beff

Timeline

Publicly Published

2021-07-24 (about 2 years ago)

Added

2021-07-24 (about 2 years ago)

Last Updated

2021-08-10 (about 2 years ago)

Other

Published

Title

Published

2024-04-25

Title

VOD Infomaniak <= 1.5.6 - Reflected Cross-Site Scripting

Published

2022-08-22

Title

Classima < 2.1.11 - Reflected Cross-Site Scripting

Published

2020-12-12

Title

Directories Pro < 1.3.46 - Authenticated Self-Reflected Cross-Site Scripting

Published

2023-09-25

Title

Simple Posts Ticker < 1.1.6 - Contributor+ Stored XSS

Published

2023-10-16

Title

WooCommerce PDF Invoice Builder < 1.2.104 - Reflected XSS