Popup Box Pro < 20.9.0 – Admin+ Stored XSS | CVE 2023-6591 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Proof of Concept

Create/edit a new popup and add the following payload in the Custom Content: <script>alert(1);</script>

Save, and notice the alert box appearing when visiting the blog

Affects Plugins

Fixed in 20.9.0

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

John Jefferson Li

Submitter

John Jefferson Li

Verified

Yes

WPVDB ID

f296de1c-b70b-4829-aba7-4afa24f64c51

Timeline

Publicly Published

2024-01-22 (about 1 year ago)

Added

2024-01-22 (about 1 year ago)

Last Updated

2024-01-22 (about 1 year ago)

Other

Published

Title

Published

2022-08-01

Title

Multiple Plugins from Puvox.software - Reflected Cross-Site Scripting

Published

2021-05-16

Title

Mediumish <= 1.0.47 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Published

2022-08-10

Title

SP Project & Document Manager < 4.62 - Reflected Cross-Site Scripting

Published

2014-08-01

Title

Covert Videopress - VideoJS Cross-Site Scripting

Published

2024-06-10

Title

Quiz And Survey Master < 9.0.2 - Contributor+ Stored XSS