The plugin does not properly escape chart data label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Create a chart (/wp-admin/themes.php?page=rough_chart), add the following payload in a Chart Data Label and save it: <a href="javascript:alert(/XSS/)">XSS</a> The XSS will be triggered when viewing the chart and clicking on the label
Siddhant Suresh Ughade
Siddhant Suresh Ughade
Yes
2022-07-18 (about 6 months ago)
2022-07-18 (about 6 months ago)
2022-07-18 (about 6 months ago)