WordPress Plugin Vulnerabilities

WP Tiles <= 1.1.2 - Contributor+ Stored XSS

Description

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

Proof of Concept

[wp-tiles extra_classes='" onmouseover="alert(/XSS/)"']

Affects Plugins

Plugin icon
wp-tiles
No known fix

References

CVE
CVE-2022-4827

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
7.1 (high)

Miscellaneous

Original Researcher
Lana Codes
Submitter
Lana Codes
Submitter website
https://lana.codes/
Submitter twitter
LanaCodes
Verified
Yes
WPVDB ID
f2a922ac-6bc9-4caa-b1cc-9ca9cff4bd51

Timeline

Publicly Published
2023-03-16 (about 1 years ago)
Added
2023-03-16 (about 1 years ago)
Last Updated
2023-03-16 (about 1 years ago)

Other

Published
Title
Published
2024-05-10
Title
Blocksy Companion < 2.0.46 - Contributor+ Stored Cross-Site Scripting via SVG Uploads
Published
2021-12-13
Title
WOOCS < 1.3.7.3 - Reflected Cross-Site Scripting
Published
2022-06-20
Title
Shortcodes and extra features for Phlox theme < 2.9.8 - Reflected Cross-Site-Scripting
Published
2023-05-12
Title
DBargain < 4.0.0 - Admin+ Stored XSS
Published
2022-05-16
Title
WP Born Babies <= 1.0 - Contributor+ Stored Cross-Site Scripting