WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Official Integration for Billingo < 3.4.0 - ShopManager+ Stored XSS

Description

The plugin does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks.

Proof of Concept

Put the following payload in the WooCommerce > Settings > Billingo > E-mail Beállítások > Gomb szöveg field (in the table): "><script>alert(/XSS/)</script>

Affects Plugins

billingo
Fixed in version 3.4.0

References

CVE
CVE-2022-3420

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Lana Codes

Submitter

Lana Codes

Submitter website
https://lana.codes/
Submitter twitter
LanaCodes
Verified

Yes

WPVDB ID
ce5fac6e-8da1-4042-9cf8-7988613f92a5

Timeline

Publicly Published

2022-10-10 (about 7 months ago)

Added

2022-10-10 (about 7 months ago)

Last Updated

2022-10-10 (about 7 months ago)

Our Other Services

WPScan WordPress Security Plugin