WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WP CSV <= 1.8.0.0 - Reflected XSS via CSV Import

Description

The plugin does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, and doe snot have CSRF checks in place as well, leading to a Reflected Cross-Site Scripting.

Proof of Concept

Create a .txt file and the below line there:
 
$ echo "<script>alert(/XSS/)</script>"
 
Make a logged in admin import the file (via "WP CSV" > "Import") to trigger the XSS

The attack could also be performed via CSRF

Affects Plugins

wp-csv
No known fix - plugin closed

References

CVE
CVE-2022-4368

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Mesut Cetin

Submitter

Mesut Cetin

Submitter website
https://github.com/m-cetin/
Verified

Yes

WPVDB ID
fa7e2b64-ca48-4b76-a2c2-f5e31e42eab7

Timeline

Publicly Published

2022-12-15 (about 5 months ago)

Added

2022-12-14 (about 5 months ago)

Last Updated

2022-12-14 (about 5 months ago)

Our Other Services

WPScan WordPress Security Plugin