WP Simple Table Manager Plugin < 1.6.1 – Admin+ Stored Cross-Site Scripting | CVE 2023-4858 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Proof of Concept

1. Click Simple Table Manager then "Export CSV" after selecting and saving a table in  "Settings" tab. 
2. Put the following in CSV file name then click Save: "><img src=1 onerror=alert(/xss/)>
3. An alert will load, and it will trigger each time an admin navigates to those settings.

Affects Plugins

simple-table-manager

Fixed in 1.6.1

References

CVE

URL

https://github.com/nightcloudos/bug_report/blob/main/vendors/poc2.md

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

niclo

Submitter

niclo

Verified

Yes

WPVDB ID

ef8029e0-9282-401a-a77d-10b6656adaa6

Timeline

Publicly Published

2023-10-16 (about 2 years ago)

Added

2023-10-16 (about 2 years ago)

Last Updated

2025-03-10 (about 9 months ago)

Other

Published

Title

Published

2025-11-06

Title

JetElements For Elementor < 2.7.12.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-08-26

Title

WP Testimonial Widget <= 3.1 - Authenticated (Admin+) Stored Cross-Site Scripting

Published

2022-01-14

Title

Themify Portfolio Post < 1.1.7 - Reflected Cross-Site Scripting

Published

2024-03-25

Title

Essential Addons for Elementor < 5.9.12 - Contributor+ Stored XSS

Published

2024-11-08

Title

wp_automatic_widget <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting