WordPress Plugin Vulnerabilities

Autoptimize < 3.1.7 - Admin+ Stored Cross-Site Scripting via Settings Import

Description

The plugin does not sanitise and escape the settings imported from a previous export, allowing high privileged users (such as an administrator) to inject arbitrary javascript into the admin panel, even when the unfiltered_html capability is disabled, such as in a multisite setup.

Proof of Concept

Affects Plugins

Plugin icon
autoptimize
Fixed in 3.1.7

References

CVE
CVE-2023-2113

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
3.5 (low)

Miscellaneous

Original Researcher
Juampa Rodríguez
Submitter
Juampa Rodríguez
Submitter website
https://infayer.com/
Submitter twitter
und3sc0n0c1d0
Verified
Yes
WPVDB ID
ddb4c95d-bbee-4095-aed6-25f6b8e63011

Timeline

Publicly Published
2023-05-02 (about 2 years ago)
Added
2023-05-02 (about 2 years ago)
Last Updated
2023-05-02 (about 2 years ago)

Other

Published
Title
Published
2024-12-19
Title
Category Post Slider <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2020-12-12
Title
Directories Pro < 1.3.46 - Authenticated Reflected Cross-Site Scripting
Published
2023-03-20
Title
Simple Giveaways < 2.45.1 - Admin+ Stored Cross-Site Scripting
Published
2024-02-01
Title
SlimStat Analytics < 5.1.4 - Subscriber+ Stored XSS
Published
2024-08-28
Title
Premium Portfolio Features for Phlox theme < 2.3.5 - Contributor+ Stored XSS